Amazon Linux 2 Security Advisory: ALAS-2023-2086
Advisory Release Date: 2023-06-07 23:52 Pacific
Advisory Updated Date: 2023-06-12 23:09 Pacific
A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service (DoS) via crafted JSON data. (CVE-2022-45685)
Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string. (CVE-2022-45693)
Affected Packages:
jettison
Issue Correction:
Run yum update jettison to update your system.
noarch:
jettison-1.3.3-4.amzn2.0.3.noarch
jettison-javadoc-1.3.3-4.amzn2.0.3.noarch
src:
jettison-1.3.3-4.amzn2.0.3.src