Jettisonproject Jettison
By the Year
In 2024 there have been 0 vulnerabilities in Jettisonproject Jettison . Last year Jettison had 1 security vulnerability published. Right now, Jettison is on track to have less security vulnerabilities in 2024 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 1 | 7.50 |
2022 | 4 | 7.50 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Jettison vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jettisonproject Jettison Security Vulnerabilities
An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection
CVE-2023-1436
7.5 - High
- March 22, 2023
An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown.
Stack Exhaustion
Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter
CVE-2022-45693
7.5 - High
- December 13, 2022
Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
Memory Corruption
A stack overflow in Jettison before v1.5.2
CVE-2022-45685
7.5 - High
- December 13, 2022
A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service (DoS) via crafted JSON data.
Memory Corruption
Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS)
CVE-2022-40150
7.5 - High
- September 16, 2022
Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by Out of memory. This effect may support a denial of service attack.
Stack Exhaustion
Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS)
CVE-2022-40149
7.5 - High
- September 16, 2022
Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.
Memory Corruption
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Debian Linux or by Jettisonproject? Click the Watch button to subscribe.