Description
Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
Remediation
References
https://github.com/jettison-json/jettison/issues/52
https://lists.debian.org/debian-lts-announce/2022/12/msg00045.html
https://www.debian.org/security/2023/dsa-5312
Related Vulnerabilities
CVE-2023-32007 Vulnerability in maven package org.apache.spark:spark-core_2.12
CVE-2020-28267 Vulnerability in npm package @strikeentco/set
CVE-2020-26234 Vulnerability in maven package org.opencastproject:opencast-kernel
CVE-2023-29202 Vulnerability in maven package org.xwiki.platform:xwiki-platform-rendering-macro-rss
CVE-2023-48089 Vulnerability in maven package com.xuxueli:xxl-job-admin