what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

CVE-2023-1370

Status Candidate

Overview

[Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib. When reaching a ‘[‘ or ‘{‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays and objects is done recursively, nesting too many of them can cause a stack exhaustion (stack overflow) and crash the software.

Related Files

Red Hat Security Advisory 2023-3915-01
Posted Jul 6, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3915-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.44.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-27664, CVE-2022-2879, CVE-2022-2880, CVE-2022-2995, CVE-2022-32149, CVE-2022-32190, CVE-2022-41715, CVE-2023-1370, CVE-2023-24329, CVE-2023-24540, CVE-2023-3089, CVE-2023-32067
SHA-256 | 983f22c13da7ac7e8ade2bd73150add682db932fc974bb432e054a1cc890dd94
Red Hat Security Advisory 2023-3906-01
Posted Jun 30, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3906-01 - A security update for Camel K 1.10.1 is now available. Issues addressed include XML injection, information leakage, resource exhaustion, and traversal vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2022-39368, CVE-2022-41946, CVE-2022-4244, CVE-2022-4245, CVE-2022-46363, CVE-2023-1370
SHA-256 | 7ec1249380111c4f2a6deacfb1495e2b529089277761a2f81b16c3843a66159c
Red Hat Security Advisory 2023-3663-01
Posted Jun 19, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3663-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include bypass, cross site scripting, denial of service, information leakage, insecure permissions, memory exhaustion, and resource exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2022-2048, CVE-2022-22976, CVE-2022-40149, CVE-2022-40150, CVE-2022-41966, CVE-2022-42003, CVE-2022-42004, CVE-2023-1370, CVE-2023-1436, CVE-2023-20860, CVE-2023-26464, CVE-2023-27898, CVE-2023-27899, CVE-2023-27903
SHA-256 | a1e8f32defa19f2f1392ba490d9129bc4b5de076aa6ffae28d55d9c26539ddf8
Red Hat Security Advisory 2023-3641-01
Posted Jun 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3641-01 - This release of Camel for Spring Boot 3.18.3.P2 serves as a replacement for Camel for Spring Boot 3.18.3.P1 and includes bug fixes and enhancements, which are documented in the Release Notes linked in the References. Issues addressed include denial of service, deserialization, resource exhaustion, and server-side request forgery vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2022-25857, CVE-2022-38749, CVE-2022-38750, CVE-2022-38751, CVE-2022-38752, CVE-2022-40152, CVE-2022-40156, CVE-2022-41854, CVE-2022-42003, CVE-2022-42004, CVE-2022-45047, CVE-2022-46363, CVE-2022-46364, CVE-2023-1370
SHA-256 | eb79672d81b6aa5092fafd004e07db829635eeae6f5dd78abb16d98cdb9e3928
Red Hat Security Advisory 2023-3622-01
Posted Jun 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3622-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include bypass, code execution, cross site request forgery, denial of service, information leakage, insecure permissions, and resource exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, csrf
systems | linux, redhat
advisories | CVE-2022-29599, CVE-2022-30953, CVE-2022-30954, CVE-2023-1370, CVE-2023-1436, CVE-2023-20860, CVE-2023-20861, CVE-2023-27903, CVE-2023-27904
SHA-256 | b7935bb45130f797b9dd93023e22673b037f602a5fd4b10a7467504fa480ed2a
Red Hat Security Advisory 2023-3610-01
Posted Jun 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3610-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include bypass, code execution, cross site request forgery, cross site scripting, denial of service, memory exhaustion, and resource exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, csrf
systems | linux, redhat
advisories | CVE-2021-46877, CVE-2022-29599, CVE-2022-30953, CVE-2022-30954, CVE-2022-40149, CVE-2022-40150, CVE-2022-41723, CVE-2022-45693, CVE-2023-1370, CVE-2023-20860, CVE-2023-20861, CVE-2023-24422, CVE-2023-32977, CVE-2023-32981
SHA-256 | 7b9b64c4675eb47823910162607f47f837dc4f1a040d0a13d9a6614093eb3803
Red Hat Security Advisory 2023-3362-01
Posted Jun 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3362-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.61. Issues addressed include a resource exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-1370
SHA-256 | 4bce165c5c9df5cb4de59c5bdd82271c3d2ff9b358d9d5a530d767317445da62
Red Hat Security Advisory 2023-3223-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3223-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 2.4.0 serves as a replacement for Red Hat AMQ Streams 2.3.0, and includes security and bug fixes, and enhancements. Issues addressed include denial of service, deserialization, information leakage, memory exhaustion, and resource exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2020-36518, CVE-2021-0341, CVE-2021-37136, CVE-2021-37137, CVE-2021-46877, CVE-2022-24823, CVE-2022-36944, CVE-2022-40149, CVE-2022-40150, CVE-2022-42003, CVE-2022-42004, CVE-2023-0833, CVE-2023-1370
SHA-256 | 2e9f7b14744710d4471684a7020cb03110e262064411dd07a3bca0add6dbd69d
Red Hat Security Advisory 2023-3179-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3179-01 - A security update for Camel Extensions for Quarkus 2.13.2-2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Issues addressed include a resource exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-1370
SHA-256 | 4d165414f1341c1ffcc6d18686f1df9fd72bf4b481e51b7a89fbd9feef5c9cf2
Red Hat Security Advisory 2023-3193-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3193-01 - A security update for Camel Extensions for Quarkus 2.7.1 is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include a resource exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-1370
SHA-256 | 67b829afdfc05c990f643065db46ad86a9923a40ecbc5ace7521589ccc97f240
Red Hat Security Advisory 2023-2099-01
Posted May 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2099-01 - A patch is now available for Camel for Spring Boot 3.18.3. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Issues addressed include denial of service and resource exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2023-1370, CVE-2023-20863
SHA-256 | c03bad8f83a4deffe2609c9a9c130f938597dfd431f082672af5eb6c0e6de748
Ubuntu Security Notice USN-6011-1
Posted Apr 12, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6011-1 - It was discovered that Json-smart incorrectly handled memory when processing input containing unclosed quotes. A remote attacker could possibly use this issue to cause applications using Json-smart to crash, leading to a denial of service. It was discovered that Json-smart incorrectly handled memory when processing input containing unclosed brackets. A remote attacker could possibly use this issue to cause applications using Json-smart to crash, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2021-31684, CVE-2023-1370
SHA-256 | 779aeab8a0e6e185281188748833317d5be747f25316532e4e271da16208b410
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close