Lucene search
Veracode Vulnerability DatabaseVERACODE:37160HistorySep 19, 2022 - 4:37 p.m.
Denial Of Service (DoS)
2022-09-1916:37:33
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
XStream Core is vulnerable to denial of service. The vulnerability exist due to a stack overflow during the serialization of xml data which allows an attacker to parse malicious input causing an application crash.
| CPE | Name | Operator | Version |
|---|---|---|---|
| xstream core | le | 1.4.19 | |
| xstream core | le | 1.4.19 |
Related
cve
cve
CVE-2022-40153
2022-09-16 10:15:00
osv
osv
Denial of Service due to parser crash
2022-09-17 00:00:41
github
github
Denial of Service due to parser crash
2022-09-17 00:00:41
redhatcve
redhatcve
CVE-2022-40153
2022-10-13 15:30:54
ubuntucve
ubuntucve
CVE-2022-40153
2022-09-16 00:00:00
ibm
ibm
Security Bulletin: Due to the use of XStream, IBM Tivoli Netcool Configuration Manager is vulnerable to Denial of Service (DoS) attacks (CVE-2022-40153)
2023-01-30 11:56:51
debiancve
debiancve
CVE-2022-40153
2022-09-16 10:15:00
redhat
redhat
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Related for VERACODE:37160