CVE-2022-45693 @ Maven-org.codehaus.jettison:jettison-1.2 #184

cyates-checkmarx · 2023-06-23T17:34:59Z

Vulnerable Package issue exists @ Maven-org.codehaus.jettison:jettison-1.2 in branch master

Jettison versions before 1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.

Namespace: cyates-checkmarx
Repository: JVL
Repository Url: https://github.com/cyates-checkmarx/JVL
CxAST-Project: cyates-checkmarx/JVL
CxAST platform scan: 7b012027-b586-4987-b934-7a017732de85
Branch: master
Application: JVL
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-787

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: HIGH
Remediation Upgrade Recommendation: 1.5.4

References
Advisory
Issue
Commit
Pull request
Release Note

cyates-checkmarx closed this as completed Dec 11, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2022-45693 @ Maven-org.codehaus.jettison:jettison-1.2 #184

CVE-2022-45693 @ Maven-org.codehaus.jettison:jettison-1.2 #184

cyates-checkmarx commented Jun 23, 2023

CVE-2022-45693 @ Maven-org.codehaus.jettison:jettison-1.2 #184

CVE-2022-45693 @ Maven-org.codehaus.jettison:jettison-1.2 #184

Comments

cyates-checkmarx commented Jun 23, 2023