| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|
| CVE-2023-5072 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | Denial of Service in JSON-Java versions up to and including 20230618. ... |
| CVE-2023-1436 | vulnerable | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | An infinite recursion is triggered in Jettison when constructing a JSO ... |
| CVE-2022-45693 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | Jettison before v1.5.2 was discovered to contain a stack overflow via ... |
| CVE-2022-45685 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | A stack overflow in Jettison before v1.5.2 allows attackers to cause a ... |
| CVE-2022-40150 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | Those using Jettison to parse untrusted XML or JSON data may be vulner ... |
| CVE-2022-40149 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | Those using Jettison to parse untrusted XML or JSON data may be vulner ... |