14 lines
911 B
JSON
14 lines
911 B
JSON
{
|
|
"id": "openEuler-SA-2023-1966",
|
|
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2023-1966",
|
|
"title": "An update for jettison is now available for openEuler-22.03-LTS",
|
|
"severity": "Important",
|
|
"description": "Jettison is a collection of Java APIs (like STaX and DOM) which read and write JSON. This allows nearly transparent enablement of JSON based web services in services frameworks like CXF or XML serialization frameworks like XStream.\r\n\r\nSecurity Fix(es):\r\n\r\nAn infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown.\r\n\r\n(CVE-2023-1436)",
|
|
"cves": [
|
|
{
|
|
"id": "CVE-2023-1436",
|
|
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1436",
|
|
"severity": "Important"
|
|
}
|
|
]
|
|
} |