Information on source package libjettison-java

Available versions

ReleaseVersion
buster1.4.0-1
buster (security)1.5.3-1~deb10u1
bullseye1.5.3-1~deb11u1
bookworm1.5.3-1
trixie1.5.4-1
sid1.5.4-1

Open issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2023-5072vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableDenial of Service in JSON-Java versions up to and including 20230618. ...
CVE-2023-1436vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA)fixedfixedAn infinite recursion is triggered in Jettison when constructing a JSO ...

Resolved issues

BugDescription
CVE-2022-45693Jettison before v1.5.2 was discovered to contain a stack overflow via ...
CVE-2022-45685A stack overflow in Jettison before v1.5.2 allows attackers to cause a ...
CVE-2022-40150Those using Jettison to parse untrusted XML or JSON data may be vulner ...
CVE-2022-40149Those using Jettison to parse untrusted XML or JSON data may be vulner ...

Security announcements

DSA / DLADescription
DSA-5312-1libjettison-java - security update
DLA-3259-1libjettison-java - security update
DLA-3184-1libjettison-java - security update

Search for package or bug name: Reporting problems