A libjettison-java security update has been released for Debian GNU/Linux 9 Extended LTS to address an issue that may result in a denial-of-service attack.
ELA-729-1 libjettison-java security update
Package : libjettison-java
ELA-729-1 libjettison-java security update
Version : 1.4.0-1+deb9u1 (stretch)
Related CVEs :
CVE-2022-40149
It was discovered that libjettison-java, a collection of StAX parsers and writers for JSON, was vulnerable to a denial-of-service attack, if the attacker provided untrusted XML or JSON data.
