Debian Bug report logs -
#1022554
libjettison-java: CVE-2022-40149
Package:
src:libjettison-java;
Maintainer for src:libjettison-java is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sun, 23 Oct 2022 19:21:02 UTC
Severity: important ...
Several flaws have been discovered in libjettison-java, a collection of StAX
parsers and writers for JSON Specially crafted user input may cause a denial
of service via out-of-memory or stack overflow errors
For the stable distribution (bullseye), these problems have been fixed in
version 153-1~deb11u1
We recommend that you upgrade your libjet ...
Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS) If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow This effect may support a denial of service attack (CVE-2022-40149) ...
Synopsis
Moderate: Red Hat Integration Camel Extensions For Quarkus 2132
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Integration Camel Extensions for Quarkus 2132 is now available The purpose of this text-only errata is to inform you about the security issues fixedRed Hat Product Security has rated this update as having an i ...
Synopsis
Important: jenkins and jenkins-2-plugins security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for ...
Synopsis
Important: jenkins and jenkins-2-plugins security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for ...
Synopsis
Important: Red Hat Camel for Spring Boot 3145 Patch 1 release and security update
Type/Severity
Security Advisory: Important
Topic
A patch is now available for Camel for Spring Boot 3145 The purpose of this text-only errata is to inform you about the security issues fixed in this releaseRed Hat Product Security has rated this u ...
Synopsis
Important: Red Hat Single Sign-On 762 for OpenShift image security and enhancement update
Type/Severity
Security Advisory: Important
Topic
A new image is available for Red Hat Single Sign-On 762, running on RedHat OpenShift Container Platform from the release of 311 up to the releaseof 4120Red Hat Product Security has rated t ...
概述
Important: Red Hat AMQ Streams 240 release and security update
类型/严重性
Security Advisory: Important
标题
Red Hat AMQ Streams 240 is now available from the Red Hat Customer PortalRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base scor ...
概述
Important: Red Hat Single Sign-On 762 security update on RHEL 8
类型/严重性
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
标题
New Red Hat Single Sign-On 762 packages are now available for Red Hat Enterprise Linux 8Red H ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 749 Security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 74 for ...
Synopsis
Important: Red Hat Single Sign-On 762 security update on RHEL 7
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
New Red Hat Single Sign-On 762 packages are now available for Red Hat Enterprise Linux 7Red Hat ...
Synopsis
Important: Red Hat Single Sign-On 762 security update on RHEL 9
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
New Red Hat Single Sign-On 762 packages are now available for Red Hat Enterprise Linux 9Red Hat ...
Synopsis
Important: Red Hat Single Sign-On 762 security update
Type/Severity
Security Advisory: Important
Topic
A security update is now available for Red Hat Single Sign-On 76 from the Customer PortalRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 749 Security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 74 Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Syste ...
DescriptionThe MITRE CVE dictionary describes this issue as: Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS) If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow This effect may support a denial of service atta ...