First published: Tue Dec 13 2022(Updated: )
Jettison is vulnerable to a denial of service, caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker could exploit this vulnerability to cause a denial of service.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/jenkins | <2-plugins-0:4.12.1686649756-1.el8 | 2-plugins-0:4.12.1686649756-1.el8 |
redhat/eap7-jettison | <0:1.5.2-1.redhat_00002.1.el8ea | 0:1.5.2-1.redhat_00002.1.el8ea |
redhat/eap7-jettison | <0:1.5.2-1.redhat_00002.1.el9ea | 0:1.5.2-1.redhat_00002.1.el9ea |
redhat/eap7-jettison | <0:1.5.2-1.redhat_00002.1.el7ea | 0:1.5.2-1.redhat_00002.1.el7ea |
redhat/rh-sso7-keycloak | <0:18.0.6-1.redhat_00001.1.el7 | 0:18.0.6-1.redhat_00001.1.el7 |
redhat/rh-sso7-keycloak | <0:18.0.6-1.redhat_00001.1.el8 | 0:18.0.6-1.redhat_00001.1.el8 |
redhat/rh-sso7-keycloak | <0:18.0.6-1.redhat_00001.1.el9 | 0:18.0.6-1.redhat_00001.1.el9 |
debian/libjettison-java | <=1.4.0-1 | 1.5.3-1~deb10u1 1.5.3-1~deb11u1 1.5.3-1 1.5.4-1 |
Jettison Project Jettison | <1.5.2 | |
Debian Debian Linux | =10.0 | |
Debian Debian Linux | =11.0 | |
redhat/jettison | <1.5.2 | 1.5.2 |
IBM Sterling Secure Proxy | <=6.0.3 | |
IBM Sterling Secure Proxy | <=6.1.0 | |
<1.5.2 | ||
=10.0 | ||
=11.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
CVE-2022-45693 is a vulnerability in Jettison that allows a remote attacker to cause a denial of service through a stack-based buffer overflow.
CVE-2022-45693 can lead to a denial of service in Jettison by exploiting a stack-based buffer overflow vulnerability.
CVE-2022-45693 has a severity level of high.
Versions 1.5.2 and below of Jettison are affected by CVE-2022-45693.
To fix CVE-2022-45693, update Jettison to a version higher than 1.5.2.