exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

CVE-2022-42004

Status Candidate

Overview

In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.

Related Files

Red Hat Security Advisory 2023-3663-01
Posted Jun 19, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3663-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include bypass, cross site scripting, denial of service, information leakage, insecure permissions, memory exhaustion, and resource exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2022-2048, CVE-2022-22976, CVE-2022-40149, CVE-2022-40150, CVE-2022-41966, CVE-2022-42003, CVE-2022-42004, CVE-2023-1370, CVE-2023-1436, CVE-2023-20860, CVE-2023-26464, CVE-2023-27898, CVE-2023-27899, CVE-2023-27903
SHA-256 | a1e8f32defa19f2f1392ba490d9129bc4b5de076aa6ffae28d55d9c26539ddf8
Red Hat Security Advisory 2023-3641-01
Posted Jun 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3641-01 - This release of Camel for Spring Boot 3.18.3.P2 serves as a replacement for Camel for Spring Boot 3.18.3.P1 and includes bug fixes and enhancements, which are documented in the Release Notes linked in the References. Issues addressed include denial of service, deserialization, resource exhaustion, and server-side request forgery vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2022-25857, CVE-2022-38749, CVE-2022-38750, CVE-2022-38751, CVE-2022-38752, CVE-2022-40152, CVE-2022-40156, CVE-2022-41854, CVE-2022-42003, CVE-2022-42004, CVE-2022-45047, CVE-2022-46363, CVE-2022-46364, CVE-2023-1370
SHA-256 | eb79672d81b6aa5092fafd004e07db829635eeae6f5dd78abb16d98cdb9e3928
Red Hat Security Advisory 2023-3223-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3223-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 2.4.0 serves as a replacement for Red Hat AMQ Streams 2.3.0, and includes security and bug fixes, and enhancements. Issues addressed include denial of service, deserialization, information leakage, memory exhaustion, and resource exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-36518, CVE-2021-0341, CVE-2021-37136, CVE-2021-37137, CVE-2021-46877, CVE-2022-24823, CVE-2022-36944, CVE-2022-40149, CVE-2022-40150, CVE-2022-42003, CVE-2022-42004, CVE-2023-0833, CVE-2023-1370
SHA-256 | 2e9f7b14744710d4471684a7020cb03110e262064411dd07a3bca0add6dbd69d
Red Hat Security Advisory 2023-1006-01
Posted Mar 9, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1006-01 - This release of Red Hat build of Quarkus 2.7.7 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include code execution, denial of service, deserialization, information leakage, memory leak, and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, code execution, sql injection, memory leak
systems | linux, redhat
advisories | CVE-2022-1471, CVE-2022-31197, CVE-2022-3171, CVE-2022-41946, CVE-2022-41966, CVE-2022-42003, CVE-2022-42004, CVE-2022-42889, CVE-2023-0044
SHA-256 | 22e7b3eb2e44fe047c265d427baa95d5cd894dbe2e83f35b2ba2c51d7269e2f5
Red Hat Security Advisory 2023-1064-01
Posted Mar 6, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1064-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include bypass, cross site request forgery, cross site scripting, and deserialization vulnerabilities.

tags | advisory, vulnerability, xss, csrf
systems | linux, redhat
advisories | CVE-2022-29047, CVE-2022-30952, CVE-2022-42003, CVE-2022-42004, CVE-2022-43401, CVE-2022-43402, CVE-2022-43403, CVE-2022-43404, CVE-2022-43405, CVE-2022-43406, CVE-2022-43407, CVE-2022-43408, CVE-2022-43409, CVE-2022-43410
SHA-256 | 914201513c49c4a46c9069d550e5e5e2e0d399b05ba7a90a95a69e7651a59611
Red Hat Security Advisory 2023-0713-01
Posted Feb 10, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0713-01 - Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. Data Grid 8.4.1 replaces Data Grid 8.4.0 and includes bug fixes and enhancements. Issues addressed include denial of service and deserialization vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2022-36313, CVE-2022-37603, CVE-2022-41881, CVE-2022-42003, CVE-2022-42004, CVE-2022-45047
SHA-256 | 2acb2904db98d931918c873c17d581f7132a594103bc8c9c8f4f52ecc4578aac
Red Hat Security Advisory 2023-0469-01
Posted Jan 27, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0469-01 - Red Hat Integration Camel Extensions for Quarkus 2.13.2 is now available. Issues addressed include denial of service and memory exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2022-40149, CVE-2022-40150, CVE-2022-40151, CVE-2022-40152, CVE-2022-40153, CVE-2022-40154, CVE-2022-40155, CVE-2022-40156, CVE-2022-42003, CVE-2022-42004, CVE-2022-42889
SHA-256 | 78de6afc9535fe20cdbc4329849f36770128cfd58b4cbe81608fa281372496ec
Red Hat Security Advisory 2023-0471-01
Posted Jan 27, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0471-01 - An update is now available for Migration Toolkit for Runtimes (v1.0.1). Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-25914, CVE-2022-3517, CVE-2022-37603, CVE-2022-42003, CVE-2022-42004, CVE-2022-42920
SHA-256 | a9ddfe493b165d13e9e19414d2fa47a50502ff50ea8ddef4c48b8d9afc4a9beb
Red Hat Security Advisory 2023-0264-01
Posted Jan 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0264-01 - An update for Logging Subsystem (5.6.0) is now available for Red Hat OpenShift Container Platform. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-36518, CVE-2022-27664, CVE-2022-2879, CVE-2022-2880, CVE-2022-32190, CVE-2022-37601, CVE-2022-41715, CVE-2022-42003, CVE-2022-42004
SHA-256 | 255bfedc87d24b5956d9e04b09416e9666a11e0d3380e6f923f404f1b7b346e7
Red Hat Security Advisory 2023-0189-01
Posted Jan 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0189-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 2.3.0 serves as a replacement for Red Hat AMQ Streams 2.2.0, and includes security and bug fixes, and enhancements. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2022-2047, CVE-2022-2048, CVE-2022-2191, CVE-2022-38752, CVE-2022-42003, CVE-2022-42004
SHA-256 | 890be5c5d27ca09a0cfafdb4527e34cc5f1ad5257a592ecaece812f81c4d160b
Red Hat Security Advisory 2022-9032-01
Posted Dec 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-9032-01 - This release of Red Hat build of Eclipse Vert.x 4.3.4 GA includes security updates. For more information, see the release notes listed in the References section. Issues addressed include code execution and deserialization vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2022-1471, CVE-2022-42003, CVE-2022-42004
SHA-256 | e7de31ae1154e66696a2092766140058a7706b1ca1946694398e59d220c814e7
Red Hat Security Advisory 2022-9023-01
Posted Dec 15, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-9023-01 - This release of Red Hat build of Quarkus 2.13.5 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include denial of service and remote SQL injection vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2022-31197, CVE-2022-3171, CVE-2022-37734, CVE-2022-4116, CVE-2022-4147, CVE-2022-42003, CVE-2022-42004, CVE-2022-42889
SHA-256 | df6b37e9380bd4d9840f228c66d0517e1bce9318d82620afe02d2b5655495e78
Red Hat Security Advisory 2022-8876-01
Posted Dec 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8876-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.10.2 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, protocol
systems | linux, redhat
advisories | CVE-2022-25857, CVE-2022-38749, CVE-2022-38750, CVE-2022-38751, CVE-2022-42003, CVE-2022-42004, CVE-2022-42889
SHA-256 | dd653c1e0ad52e5524dc257ed3b3491dcdb1dcd93451da4187a377acfe1bde05
Debian Security Advisory 5283-1
Posted Nov 17, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5283-1 - Several flaws were discovered in jackson-databind, a fast and powerful JSON library for Java.

tags | advisory, java
systems | linux, debian
advisories | CVE-2020-36518, CVE-2022-42003, CVE-2022-42004
SHA-256 | 3065027887bf5fa94d590057f95fc931a26aacb00941c3b82ff32ac74d124ef9
Gentoo Linux Security Advisory 202210-21
Posted Oct 31, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-21 - Multiple vulnerabilities have been found in FasterXML jackson-databind, the worst of which could result in denial of service. Versions less than 2.13.4.1 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2022-42003, CVE-2022-42004
SHA-256 | e7d590080e32f27b7250c815882f75319e00f763410980bc74c976950c770111
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    21 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close