Red Hat JBossEAP: Uncontrolled Recursion (CVE-2023-1436)

发布于3月6日3月6日

Members

Red Hat JBossEAP: Uncontrolled Recursion (CVE-2023-1436)

Severity

CVSS

(AV:N/AC:H/Au:N/C:N/I:N/A:C)

Published

03/22/2023

Created

09/20/2024

Added

09/19/2024

Modified

12/20/2024

Description

An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown.. A flaw was found in Jettison. Infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This issue leads to a StackOverflowError exception being thrown.

Solution(s)

red-hat-jboss-eap-upgrade-latest

References

https://attackerkb.com/topics/cve-2023-1436
CVE - 2023-1436
https://access.redhat.com/security/cve/CVE-2023-1436
https://bugzilla.redhat.com/show_bug.cgi?id=2182788
https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/
https://access.redhat.com/errata/RHSA-2023:4505
https://access.redhat.com/errata/RHSA-2023:4506
https://access.redhat.com/errata/RHSA-2023:4507
https://access.redhat.com/errata/RHSA-2023:4509

查看数 701
已创建 3月6日3月6日
最后回复 3月6日3月6日

https://www.ishack.org/topic/9902.html/

粉丝

转到主题列表

登录

Red Hat JBossEAP: Uncontrolled Recursion (CVE-2023-1436)

recommended_posts

Red Hat JBossEAP: Uncontrolled Recursion (CVE-2023-1436)

Description

Solution(s)

References

欢迎来到红帽社区

社区动态

红龙逆向工具箱2025最新版(ISHACK改良版)

修改底部版权信息

ips4.7升级到5.x版本问题。

IPS Invision Community 经常自动退出登录解决

网站程序安装中文语言包时没有中文选项？Debian中文包

帐户

导航

搜索