Description
Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
Remediation
References
https://github.com/jettison-json/jettison/issues/52
https://lists.debian.org/debian-lts-announce/2022/12/msg00045.html
https://www.debian.org/security/2023/dsa-5312
Related Vulnerabilities
CVE-2021-21169 Vulnerability in npm package electron
CVE-2018-3729 Vulnerability in npm package localhost-now
CVE-2021-21162 Vulnerability in maven package org.webjars.npm:electron
CVE-2022-45210 Vulnerability in maven package org.jeecgframework.boot:jeecg-module-system
CVE-2023-42795 Vulnerability in maven package org.apache.tomcat:tomcat-catalina