Information on source package libjettison-java

Available versions

ReleaseVersion
jessie1.2-3
stretch1.5.3-1~deb9u1
buster1.5.3-1~deb10u1
bullseye1.5.3-1~deb11u1
bookworm1.5.3-1
trixie1.5.4-1
sid1.5.4-1

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2023-5072vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerablevulnerableDenial of Service in JSON-Java versions up to and including 20230618. ...
CVE-2023-1436vulnerablevulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA)fixedfixedAn infinite recursion is triggered in Jettison when constructing a JSO ...
CVE-2022-45693vulnerablefixedfixedfixedfixedfixedfixedJettison before v1.5.2 was discovered to contain a stack overflow via ...
CVE-2022-45685vulnerablefixedfixedfixedfixedfixedfixedA stack overflow in Jettison before v1.5.2 allows attackers to cause a ...
CVE-2022-40150vulnerablefixedfixedfixedfixedfixedfixedThose using Jettison to parse untrusted XML or JSON data may be vulner ...
CVE-2022-40149vulnerablefixedfixedfixedfixedfixedfixedThose using Jettison to parse untrusted XML or JSON data may be vulner ...

Security announcements

DSA / DLADescription
DSA-5312-1libjettison-java - security update
DLA-3259-1libjettison-java - security update
ELA-762-1libjettison-java - security update
ELA-729-1libjettison-java - security update
DLA-3184-1libjettison-java - security update

Search for package or bug name: Reporting problems