26 matches found
Unity Linux 20.1070e Security Update: woodstox-core (UTSA-2025-680589)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680589 advisory. Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks DOS if DTD support is enabled. If the parser is running on user supplied input,...
woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks
A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service DoS in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the...
woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks
A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service DoS in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the...
OESA-2024-2378 woodstox-core security update
Woodstox is a high-performance validating namespace-aware StAX-compliant JSR-173 Open Source XML-processor written in Java. XML processor means that it handles both input == parsing and output == writing, serialization, as well as supporting tasks such as validation. Security Fixes: Those using...
Medium: woodstox-core
Issue Overview: Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks DOS if DTD support is enabled. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial o...
Medium: woodstox-core
Issue Overview: Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks DOS if DTD support is enabled. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial o...
Amazon Linux 2 : woodstox-core (ALAS-2024-2463)
The version of woodstox-core installed on the remote host is prior to 4.1.2-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2463 advisory. Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks DOS if DTD support is enabled. If the...
woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks
A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service DoS in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the...
Important: Red Hat Security Advisory: Red Hat Process Automation Manager 7.13.4 security update
An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which provides a detailed severity rating, is available for each vulnerability from th...
woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks
A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service DoS in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the...
Important: Red Hat Security Advisory: Service Registry (container images) release and security update [2.4.3 GA]
An update to the images for Red Hat Integration - Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact...
woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks
A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service DoS in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the...
woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks
A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service DoS in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the...
woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks
A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service DoS in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the...
Mageia: Security Advisory (MGASA-2023-0104)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2023-0104 Updated woodstox-core packages fix security vulnerability
Denial of service using crafted input. CVE-2022-40152...
Updated woodstox-core packages fix security vulnerability
Denial of service using crafted input. CVE-2022-40152...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks
A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service DoS in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the...
woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks
A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service DoS in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the...