CVE-2023-1436

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2023-1436

CGA ID

CGA-q59p-3x22-vmq4

Severity

Unknown

Description

An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown.

References

https://images.chainguard.dev/security/CGA-q59p-3x22-vmq4
https://github.com/advisories/GHSA-q6g2-g7f3-rr83
https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/
https://security-tracker.debian.org/tracker/CVE-2023-1436

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CVE-2023-1436

Severity

Description

References

Affected packages

Products

Why Chainguard

Customers

Company

Resources