CGA-fv5w-vcvw-8948

Published

Last updated

https://images.chainguard.dev/security/CGA-fv5w-vcvw-8948

Package

hadoop-fips-3.3.6

Repository

Chainguard

Latest Update

Fix not planned

Aliases

CVE-2023-34610
GHSA-779h-3r69-4f5p

Severity

Unknown

Summary

json-io vulnerable to stack exhaustion

Description

An issue was discovered json-io through 4.14.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.

References

https://nvd.nist.gov/vuln/detail/CVE-2023-34610
https://github.com/advisories/GHSA-779h-3r69-4f5p
https://github.com/jdereg/json-io/issues/169
https://github.com/jdereg/json-io/issues/174
https://github.com/jdereg/json-io

Updates

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CGA-fv5w-vcvw-8948

Severity

Summary

Description

References

Updates

Products

Why Chainguard

Customers

Company

Resources