Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
githubGitHub Advisory DatabaseGHSA-C7MC-Q43H-5672
HistoryOct 06, 2022 - 6:52 p.m.

JXPath Out-of-bounds Write vulnerability

2022-10-0618:52:04
CWE-787
GitHub Advisory Database
github.com
14
jxpath
vulnerability
denial of service
JSON

Withdrawn

This advisory has been withdrawn because the original report was found to be invalid. This link is maintained to preserve external references.

Original Description

Those using JXPath to interpret XPath may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.

Affected configurations

Vulners
Node
apachecommons_jxpathRange1.3
CPENameOperatorVersion
commons-jxpath:commons-jxpathle1.3

Related

cvelist 1
debiancve 1
cnvd 1
osv 1
cve 1
nvd 1
ubuntucve 6
ibm 1
cvelist
cvelist
CVE-2022-40157
1976-01-01 00:00:00
debiancve
debiancve
CVE-2022-40157
2022-10-06 18:16:00
cnvd
cnvd
Apache Commons JXPath Buffer Overflow Vulnerability (CNVD-2022-73688)
2022-10-12 00:00:00
osv
osv
JXPath Out-of-bounds Write vulnerability
2022-10-06 18:52:04
cve
cve
CVE-2022-40157
2022-10-06 18:16:23
nvd
nvd
CVE-2022-40157
2022-10-06 18:16:23
ubuntucve
ubuntucve
CVE-2022-40157
2022-10-06 00:00:00
CVE-2022-41852
2022-10-06 00:00:00
CVE-2022-40160
2022-10-06 00:00:00
ibm
ibm
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache Commons JXPath
2022-11-30 10:26:08
JSON
Related for GHSA-C7MC-Q43H-5672
cvelist1debiancve1cnvd1osv1cve1nvd1ubuntucve6ibm1