CVE-2023-1436

CVE-2023-1436

An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown.

Published Mar 17, 2023

PR #62

CVSS ScoreHigh

7.5

Vulnerabilities

CVE-2023-1436

Published Mar 17, 2023

PR #62

CVSS ScoreHigh

7.5

CVE-2023-1436 Security Details

CVE ID: CVE-2023-1436
CWE: CWE-674
CVE Description: An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown.
Published: Mar 17, 2023
CVSS Score & Severity: 7.5High
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score: 0.122%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Vulnerable Methods: org/codehaus/jettison/json/JSONArray.<init>(Ljava/util/Collection;)V
JVMVulnerable params: 0
Affected Ecosystems: affected
Source: National Vulnerability Database
References: GitHub · PR #62PROJECT

CVE-2023-1436 Security Details

CVE ID: CVE-2023-1436
CWE: CWE-674
CVE Description: An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown.
Published: Mar 17, 2023
CVSS Score & Severity: 7.5High
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score: 0.122%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Vulnerable Methods: org/codehaus/jettison/json/JSONArray.<init>(Ljava/util/Collection;)V
JVMVulnerable params: 0
Affected Ecosystems: affected
Source: National Vulnerability Database
References: GitHub · PR #62PROJECT

Find vulnerabilities. Fix fast with AI.

CVE-2023-1436

CVE-2023-1436 Security Details

CVE-2023-1436 Security Details