CVE-2022-40149

Debian Bug report logs - #1022554 libjettison-java: CVE-2022-40149 Package: src:libjettison-java; Maintainer for src:libjettison-java is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 23 Oct 2022 19:21:02 UTC Severity: important ...

Several flaws have been discovered in libjettison-java, a collection of StAX parsers and writers for JSON Specially crafted user input may cause a denial of service via out-of-memory or stack overflow errors For the stable distribution (bullseye), these problems have been fixed in version 153-1~deb11u1 We recommend that you upgrade your libjet ...

Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS) If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow This effect may support a denial of service attack (CVE-2022-40149) ...

Synopsis Moderate: Red Hat Integration Camel Extensions For Quarkus 2132 Type/Severity Security Advisory: Moderate Topic Red Hat Integration Camel Extensions for Quarkus 2132 is now available The purpose of this text-only errata is to inform you about the security issues fixedRed Hat Product Security has rated this update as having an i ...

Synopsis Important: jenkins and jenkins-2-plugins security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for ...

Synopsis Important: jenkins and jenkins-2-plugins security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for ...

Synopsis Important: Red Hat Camel for Spring Boot 3145 Patch 1 release and security update Type/Severity Security Advisory: Important Topic A patch is now available for Camel for Spring Boot 3145 The purpose of this text-only errata is to inform you about the security issues fixed in this releaseRed Hat Product Security has rated this u ...

Synopsis Important: Red Hat Single Sign-On 762 for OpenShift image security and enhancement update Type/Severity Security Advisory: Important Topic A new image is available for Red Hat Single Sign-On 762, running on RedHat OpenShift Container Platform from the release of 311 up to the releaseof 4120Red Hat Product Security has rated t ...

概述 Important: Red Hat AMQ Streams 240 release and security update 类型/严重性 Security Advisory: Important 标题 Red Hat AMQ Streams 240 is now available from the Red Hat Customer PortalRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base scor ...

概述 Important: Red Hat Single Sign-On 762 security update on RHEL 8 类型/严重性 Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems 标题 New Red Hat Single Sign-On 762 packages are now available for Red Hat Enterprise Linux 8Red H ...

Synopsis Important: Red Hat JBoss Enterprise Application Platform 749 Security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update is now available for Red Hat JBoss Enterprise Application Platform 74 for ...

Synopsis Important: Red Hat Single Sign-On 762 security update on RHEL 7 Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic New Red Hat Single Sign-On 762 packages are now available for Red Hat Enterprise Linux 7Red Hat ...

Synopsis Important: Red Hat Single Sign-On 762 security update on RHEL 9 Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic New Red Hat Single Sign-On 762 packages are now available for Red Hat Enterprise Linux 9Red Hat ...

Synopsis Important: Red Hat Single Sign-On 762 security update Type/Severity Security Advisory: Important Topic A security update is now available for Red Hat Single Sign-On 76 from the Customer PortalRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base ...

Synopsis Important: Red Hat JBoss Enterprise Application Platform 749 Security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat JBoss Enterprise Application Platform 74 Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Syste ...

DescriptionThe MITRE CVE dictionary describes this issue as: Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS) If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow This effect may support a denial of service atta ...