Lucene search
Veracode Vulnerability DatabaseVERACODE:37123HistorySep 19, 2022 - 6:12 a.m.
Denial Of Service (DoS)
2022-09-1906:12:14
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
xstream is vulnerable to denial of service. The vulnerability exists due to the improper serialization of XML data in the processConverterAnnotations function in AnnotationMapper.java which allows an attacker to cause an application crash by providing malicious input through the parser.
| CPE | Name | Operator | Version |
|---|---|---|---|
| xstream core | le | 1.4.19 | |
| xstream core | le | 1.4.19 |
Related
cve
cve
CVE-2022-40156
2022-09-16 10:15:00
github
github
Denial of Service due to parser crash
2022-09-17 00:00:41
ubuntucve
ubuntucve
CVE-2022-40156
2022-09-16 00:00:00
debiancve
debiancve
CVE-2022-40156
2022-09-16 10:15:00
osv
osv
Denial of Service due to parser crash
2022-09-17 00:00:41
redhatcve
redhatcve
CVE-2022-40156
2022-10-13 15:31:13
ibm
ibm
redhat
redhat
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Related for VERACODE:37123