Lucene search
Veracode Vulnerability DatabaseVERACODE:37120HistorySep 19, 2022 - 5:18 a.m.
Denial Of Service (DoS)
2022-09-1905:18:16
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
xstream is vulnerable to denial of service. The vulnerability exists due to the stack overflow in the processConverterAnnotations function of AnnotationMapper.java, allowing an attacker to cause an application crash by providing malicious input through the parser
| CPE | Name | Operator | Version |
|---|---|---|---|
| xstream core | le | 1.4.19 | |
| xstream core | le | 1.4.19 |
Related
cve
cve
CVE-2022-40154
2022-09-16 10:15:00
github
github
Denial of Service via stack overflow
2022-09-17 00:00:41
redhatcve
redhatcve
CVE-2022-40154
2022-09-22 06:18:50
osv
osv
Denial of Service via stack overflow
2022-09-17 00:00:41
ubuntucve
ubuntucve
CVE-2022-40154
2022-09-16 00:00:00
debiancve
debiancve
CVE-2022-40154
2022-09-16 10:15:00
ibm
ibm
redhat
redhat
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Related for VERACODE:37120