CVE-2022-45685 @ Maven-org.codehaus.jettison:jettison-1.2 #152

cyates-checkmarx · 2023-06-23T17:34:38Z

Vulnerable Package issue exists @ Maven-org.codehaus.jettison:jettison-1.2 in branch master

A stack overflow in Jettison versions prior to 1.5.2 allows attackers to cause a Denial of Service (DoS) via crafted JSON data.

Namespace: cyates-checkmarx
Repository: JVL
Repository Url: https://github.com/cyates-checkmarx/JVL
CxAST-Project: cyates-checkmarx/JVL
CxAST platform scan: 7b012027-b586-4987-b934-7a017732de85
Branch: master
Application: JVL
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-787

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: HIGH
Remediation Upgrade Recommendation: 1.5.4

References
Advisory
Issue
Commit
Pull request
Release Note

cyates-checkmarx closed this as completed Dec 11, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2022-45685 @ Maven-org.codehaus.jettison:jettison-1.2 #152

CVE-2022-45685 @ Maven-org.codehaus.jettison:jettison-1.2 #152

cyates-checkmarx commented Jun 23, 2023

CVE-2022-45685 @ Maven-org.codehaus.jettison:jettison-1.2 #152

CVE-2022-45685 @ Maven-org.codehaus.jettison:jettison-1.2 #152

Comments

cyates-checkmarx commented Jun 23, 2023