CGA-rp94-9385-c3jr

Published

Last updated

https://images.chainguard.dev/security/CGA-rp94-9385-c3jr

Package

hadoop-3.3

Latest Update

Under investigation

Aliases

CVE-2023-34610
GHSA-779h-3r69-4f5p

Severity

7.5

High

CVSS V3

Summary

json-io vulnerable to stack exhaustion

Description

An issue was discovered json-io through 4.14.0 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.

References

https://nvd.nist.gov/vuln/detail/CVE-2023-34610
https://github.com/advisories/GHSA-779h-3r69-4f5p
https://github.com/jdereg/json-io/issues/169
https://github.com/jdereg/json-io/issues/174
https://github.com/jdereg/json-io

Updates

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CGA-rp94-9385-c3jr

Severity

Summary

Description

References

Updates

Product

Why Chainguard

Customers

Company

Resources