An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown.
References
Link | Resource |
---|---|
https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/ | Exploit Third Party Advisory |
Configurations
History
29 Mar 2023, 19:07
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/ - Exploit, Third Party Advisory | |
CWE | CWE-674 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CPE | cpe:2.3:a:jettison_project:jettison:*:*:*:*:*:*:*:* |
22 Mar 2023, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-03-22 06:15
Updated : 2024-02-04 23:37
NVD link : CVE-2023-1436
Mitre link : CVE-2023-1436
CVE.ORG link : CVE-2023-1436
JSON object : View
Products Affected
jettison_project
- jettison
CWE
CWE-674
Uncontrolled Recursion