Debian 10264 Published by

A libjettison-java security update has been released for Debian GNU/Linux 9 Extended LTS to address an issue that may result in a denial-of-service attack.



ELA-729-1 libjettison-java security update

Package : libjettison-java
Version : 1.4.0-1+deb9u1 (stretch)

Related CVEs :
CVE-2022-40149

It was discovered that libjettison-java, a collection of StAX parsers and writers for JSON, was vulnerable to a denial-of-service attack, if the attacker provided untrusted XML or JSON data.

  ELA-729-1 libjettison-java security update