DirectorySecurity Advisories
Sign In
Security Advisories

CGA-j6p8-pcc9-34jq

Published

Last updated

https://images.chainguard.dev/security/CGA-j6p8-pcc9-34jq
Package

druid

Latest Update
Pending upstream fix
Aliases
  • CVE-2023-1436
  • GHSA-q6g2-g7f3-rr83

Severity

7.5

High

CVSS V3

Summary

Jettison vulnerable to infinite recursion

Description

An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown.

References

Updates

Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images

Why Chainguard

Container Image SecurityVulnerability RemediationCompliance and Risk MitigationSoftware Supply Chain SecurityAI/ML Security

Customers

Customer StoriesChainguard Love

Company

About UsPricingOpen SourceCareersNewsroomLegal

Resources

Unchained BlogEventsTrust CenterDocumentation