Web: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-40151

Sept. 16, 2022, 10:15 a.m. |

National Vulnerability Database nist.gov

Those using Xstream to seralize XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.

cve

Cybersecurity Engineer

@ Apercen Partners LLC | Folsom, CA

IDM Sr. Security Developer

@ The Ohio State University | Columbus, OH, United States

IT Security Engineer

@ Stylitics | New York City

Information Security Engineer

@ VDA Labs | Remote

Information Security Analyst

@ Metropolitan Transportation Commission | San Francisco, CA

Product Security Engineer (SSDL)

@ ServiceNow | Denver, Colorado, United States

Application Security Sales Specialist

@ Dynatrace | Munich, Germany

Threat Intelligence Response Analyst

@ Recorded Future, Inc. | London

IT Security Analyst

@ Docebo | Toronto, Ontario

Software Engineer - Perception and Threat Assessment - XC

@ Bosch Group | Plymouth, MI, United States

Sr. Cyber Incident Response Analyst

@ Experian | Heredia, Costa Rica

Manager, DT GRC (Governance, Risk, And compliance)

@ ServiceNow | Austin, Texas, United States