How severe is CVE-2023-1436?

CVE-2023-1436 has a CVSS v3 score of 5.9 (MEDIUM).

CVE-2023-1436

Name: jettison
Author: jettison_project

5.9MEDIUM

An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being

Published: 3/22/2023Updated: 11/21/2024

Description

An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown.

AI AnalysisPowered by AI

Affected Products

jettison_projectjettison

References

https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/
ExploitThird Party Advisory
https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/
ExploitThird Party Advisory