Denial Of Service (DoS)

🗓️ 19 Sep 2022 13:11:51Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 33 Views

Jettison DoS vulnerability in JSONTokener.java functio

Reporter	Title	Published	Views	Family All 122
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM includes components with known vulnerabilities	6 Jul 202318:48	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Sterling B2B Integrator EBICs client affected by multiple issues due to Jettison	19 Dec 202319:21	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM includes components with known vulnerabilities	26 Mar 202503:39	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities including remote code execution in Apache Commons Text 1.9	8 Dec 202204:10	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Disconnected Log Collector is vulnerable to using components with known vulnerabilities	29 Sep 202318:56	–	ibm
IBM Security Bulletins	Security Bulletin: IBM UrbanCode Deploy (UCD) is vulnerable to denial of service due to Jettison-json (CVE-2022-40149, CVE-2022-40150)	28 Nov 202214:09	–	ibm
IBM Security Bulletins	Security Bulletin: jettison-json Jettison used by CICS Transaction Gateway is vulnerable to a denial of service	8 Dec 202210:40	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Jettison affects IBM Process Mining . Multiple CVEs	1 Feb 202320:07	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Jettison	2 May 202320:29	–	ibm
IBM Security Bulletins	Security Bulletin: IBM UrbanCode Release addresses multiple vulnerablities.	27 Oct 202307:53	–	ibm

Vulners

Node

libjettison-java libjettison-javaMatch1.4.1-1debian

AND

libjettison-java libjettison-javaMatch1.4.0-1debian

AND

debian debian_linuxMatch11

libjettison-java libjettison-javaMatch1.4.0-1debian

AND

libjettison-java libjettison-javaMatch1.4.1-1debian

AND

debian debian_linuxMatch999

libjettison-java libjettison-javaMatch1.4.0-1debian

AND

debian debian_linuxMatch10

jettison_project jettisonRange1.0-RC1–1.4.1java

jettison_project jettisonMatch1.3.3_4.el7

eap7-jettison eap7-jettisonMatch1.4.0_1.redhat_00001.1.el7eap

eap7-jettison eap7-jettisonMatch1.3.3_3.redhat_2.1.ep7.el7

eap7-jettison eap7-jettisonMatch1.3.8_2.redhat_1.1.el7eap

eap7-jettison eap7-jettisonMatch1.3.8_1.redhat_1.1.ep7.el7

eap7-jettison eap7-jettisonMatch1.4.0_1.redhat_00001.1.el9eap

eap7-jettison eap7-jettisonMatch1.4.0_1.redhat_00001.1.el8eap

eap7-jettison eap7-jettisonMatch1.3.8_2.redhat_1.1.el8eap

rh-sso7-keycloak rh-sso7-keycloakMatch2.5.15_2.final_redhat_3.1.jbcs.el7

rh-sso7-keycloak rh-sso7-keycloakMatch2.5.5_2.final_redhat_1.1.jbcs.el7

rh-sso7-keycloak rh-sso7-keycloakMatch3.4.12_1.final_redhat_1.1.jbcs.el7

rh-sso7-keycloak rh-sso7-keycloakMatch3.4.10_1.final_redhat_1.1.jbcs.el7

rh-sso7-keycloak rh-sso7-keycloakMatch2.4.0_4.final_redhat_1.1.jbcs.el7

rh-sso7-keycloak rh-sso7-keycloakMatch2.5.10_1.final_redhat_1.1.jbcs.el7

rh-sso7-keycloak rh-sso7-keycloakMatch3.4.3_1.final_redhat_2.1.jbcs.el7

rh-sso7-keycloak rh-sso7-keycloakMatch2.5.7_1.final_redhat_2.1.jbcs.el7

rh-sso7-keycloak rh-sso7-keycloakMatch2.5.14_1.final_redhat_1.1.jbcs.el7

rh-sso7-keycloak rh-sso7-keycloakMatch3.4.8_2.final_redhat_6.1.jbcs.el7

rh-sso7-keycloak rh-sso7-keycloakMatch3.4.6_1.final_redhat_1.1.jbcs.el7

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1671706212_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.6.1650364520_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1642418992_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.11.1661877421_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1663599478_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.8.1633555500_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1684982411_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1675936179_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.7.1652967082_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.6.1617886678_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.7.1621361158_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.8.1642420115_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.7.1648800585_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1687341544_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1630555871_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1675407676_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1675668922_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.7.1611636915_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.7.1637600997_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1680703106_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1667207005_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.8.1672842762_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.6.1629443573_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1680069756_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1669894222_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1647580879_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.8.1643649345_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1644822177_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.8.1641573626_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.6.1643965689_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1648739557_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.6.1612257979_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.11.1683009941_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.7.1643883495_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.6.1653312933_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1681719745_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.8.1624022417_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1667388055_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1676951056_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1674644684_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1642607680_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.12.1675702407_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.11.1663082208_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.7.1616671397_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1685679861_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1643404185_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1643389956_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1651754460_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.6.1623162648_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.12.1683009955_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1647505461_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.8.1637599935_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1650890594_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1641470084_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.6.1601368321_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1675144701_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1637598812_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.6.1609853716_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.9.1667460322_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.8.1646993358_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.10.1663147786_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.6.1637602169_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.8.1642609156_1.el8

jenkins-2-plugins jenkins-2-pluginsMatch4.6.1605620903_1.el8

Source	Link
github	www.github.com/jettison-json/jettison/issues/45
github	www.github.com/jettison-json/jettison/commit/d3714681f61581810680df8e45858a4d30a602da
bugs	www.bugs.chromium.org/p/oss-fuzz/issues/detail
lists	www.lists.debian.org/debian-lts-announce/2022/12/msg00045.html
debian	www.debian.org/security/2023/dsa-5312
github	www.github.com/advisories/GHSA-x27m-9w8j-5vcw

13 Jul 2023 18:52Current

8.2High risk

Vulners AI Score8.2

CVSS 3.16.5 - 7.5

EPSS0.00065