A vulnerability in the JsonMapObjectReaderWriter of Apache CXF allows an malicious user to submit malformed JSON to a web service, which results in the thread getting stuck in an infinite loop, consuming CPU indefinitely. This issue affects Apache CXF versions before 3.4.4; Apache CXF versions before 3.3.11.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache cxf |
||
apache tomee 8.0.6 |
||
oracle business intelligence 5.5.0.0.0 |
||
oracle business intelligence 5.9.0.0.0 |
||
oracle business intelligence 12.2.1.3.0 |
||
oracle business intelligence 12.2.1.4.0 |
||
oracle communications element manager 8.2.2 |
||
oracle communications messaging server 8.1 |