fkie_cve-2021-37714
Vulnerability from fkie_nvd
Published
2021-08-18 15:15
Modified
2024-11-21 06:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck (loop indefinitely until cancelled), to complete more slowly than usual, or to throw an unexpected exception. This effect may support a denial of service attack. The issue is patched in version 1.14.2. There are a few available workarounds. Users may rate limit input parsing, limit the size of inputs based on system resources, and/or implement thread watchdogs to cap and timeout parse runtimes.
References
security-advisories@github.comhttps://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6cThird Party Advisory
security-advisories@github.comhttps://jsoup.org/news/release-1.14.1Release Notes, Vendor Advisory
security-advisories@github.comhttps://jsoup.org/news/release-1.14.2Release Notes, Vendor Advisory
security-advisories@github.comhttps://lists.apache.org/thread.html/r215009dbf7467a9f6506d0c0024cb36cad30071010e62c9352cfaaf0%40%3Cissues.maven.apache.org%3E
security-advisories@github.comhttps://lists.apache.org/thread.html/r377b93d79817ce649e9e68b3456e6f499747ef1643fa987b342e082e%40%3Cissues.maven.apache.org%3E
security-advisories@github.comhttps://lists.apache.org/thread.html/r3d71f18adb78e50f626dde689161ca63d3b7491bd9718fcddfaecba7%40%3Cissues.maven.apache.org%3E
security-advisories@github.comhttps://lists.apache.org/thread.html/r50e9c9466c592ca9d707a5dea549524d19e3287da08d8392f643960e%40%3Cissues.maven.apache.org%3E
security-advisories@github.comhttps://lists.apache.org/thread.html/r685c5235235ad0c26e86d0ee987fb802c9675de6081dbf0516464e0b%40%3Cnotifications.james.apache.org%3E
security-advisories@github.comhttps://lists.apache.org/thread.html/r97404676a5cf591988faedb887d64e278f522adcaa823d89ca69defe%40%3Cnotifications.james.apache.org%3E
security-advisories@github.comhttps://lists.apache.org/thread.html/rc3354080fc67fb50b45b3c2d12dc4ca2a3c1c78dad3d3ba012c038aa%40%3Cnotifications.james.apache.org%3E
security-advisories@github.comhttps://security.netapp.com/advisory/ntap-20220210-0022/Third Party Advisory
security-advisories@github.comhttps://www.oracle.com/security-alerts/cpuapr2022.htmlPatch, Third Party Advisory
security-advisories@github.comhttps://www.oracle.com/security-alerts/cpujan2022.htmlPatch, Third Party Advisory
security-advisories@github.comhttps://www.oracle.com/security-alerts/cpujul2022.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6cThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://jsoup.org/news/release-1.14.1Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://jsoup.org/news/release-1.14.2Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r215009dbf7467a9f6506d0c0024cb36cad30071010e62c9352cfaaf0%40%3Cissues.maven.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r377b93d79817ce649e9e68b3456e6f499747ef1643fa987b342e082e%40%3Cissues.maven.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r3d71f18adb78e50f626dde689161ca63d3b7491bd9718fcddfaecba7%40%3Cissues.maven.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r50e9c9466c592ca9d707a5dea549524d19e3287da08d8392f643960e%40%3Cissues.maven.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r685c5235235ad0c26e86d0ee987fb802c9675de6081dbf0516464e0b%40%3Cnotifications.james.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r97404676a5cf591988faedb887d64e278f522adcaa823d89ca69defe%40%3Cnotifications.james.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/rc3354080fc67fb50b45b3c2d12dc4ca2a3c1c78dad3d3ba012c038aa%40%3Cnotifications.james.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20220210-0022/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuapr2022.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpujan2022.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpujul2022.htmlPatch, Third Party Advisory
Impacted products
Vendor Product Version
jsoup jsoup *
quarkus quarkus *
oracle banking_trade_finance 14.5
oracle banking_treasury_management 14.5
oracle business_process_management_suite 12.2.1.3.0
oracle business_process_management_suite 12.2.1.4.0
oracle flexcube_universal_banking *
oracle flexcube_universal_banking 14.5
oracle hospitality_token_proxy_service 19.2
oracle peoplesoft_enterprise_peopletools 8.58
oracle peoplesoft_enterprise_peopletools 8.59
oracle primavera_unifier 20.12
oracle primavera_unifier 21.12
oracle retail_customer_management_and_segmentation_foundation *
oracle webcenter_portal 12.2.1.3.0
oracle webcenter_portal 12.2.1.4.0
oracle communications_messaging_server 8.1
netapp management_services_for_element_software_and_netapp_hci -
oracle financial_services_crime_and_compliance_management_studio 8.0.8.2.0
oracle financial_services_crime_and_compliance_management_studio 8.0.8.3.0
oracle middleware_common_libraries_and_tools 12.2.1.3.0
oracle middleware_common_libraries_and_tools 12.2.1.4.0
oracle stream_analytics *
oracle stream_analytics 19c


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:jsoup:jsoup:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB2FF61F-FB78-426C-9FD0-72A1AB17A92D",
              "versionEndExcluding": "1.14.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF712520-1CFD-473A-B3F5-3CDDFE9C2C9A",
              "versionEndIncluding": "2.2.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:banking_trade_finance:14.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "64750C01-21AC-4947-B674-6690EAAAC5DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:banking_treasury_management:14.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C3D0063-9458-4018-9B92-79A219716C10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E869C417-C0E6-4FC3-B406-45598A1D1906",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFEFE2C0-7B98-44F9-B3AD-D6EC607E90DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:flexcube_universal_banking:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54BE0CCE-8216-4CCF-96E1-38EF76124368",
              "versionEndIncluding": "14.3.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:flexcube_universal_banking:14.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "609645BF-B34F-40AC-B9C9-C3FB870F4ED2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:hospitality_token_proxy_service:19.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7D45E2D-241B-4839-B255-A81107BF94BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8AF00C6-B97F-414D-A8DF-057E6BFD8597",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "38340E3C-C452-4370-86D4-355B6B4E0A06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9C55C69-E22E-4B80-9371-5CD821D79FE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0B772D5-F0BB-4CD4-99D1-B84562D01586",
              "versionEndIncluding": "19.0",
              "versionStartIncluding": "17.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6A4F71A-4269-40FC-8F61-1D1301F2B728",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A502118-5B2B-47AE-82EC-1999BD841103",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7569C0BD-16C1-441E-BAEB-840C94BE73EF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:netapp:management_services_for_element_software_and_netapp_hci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDAC85F0-93AF-4BE3-AE1A-8ADAF1CDF9AB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "55F091C7-0869-4FD6-AC73-DA697D990304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D134C60-F9E2-46C2-8466-DB90AD98439E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCCFDDAC-CF84-4259-BA65-98DC5482A0A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AB179A8-DFB7-4DCF-8DE3-096F376989F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:stream_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "847E8F6A-6115-4CCB-B16B-5DA8427958C4",
              "versionEndExcluding": "19.1.0.0.6.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:stream_analytics:19c:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E7B7A7D-BA3D-4ADA-B87C-F222B0722AF2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck (loop indefinitely until cancelled), to complete more slowly than usual, or to throw an unexpected exception. This effect may support a denial of service attack. The issue is patched in version 1.14.2. There are a few available workarounds. Users may rate limit input parsing, limit the size of inputs based on system resources, and/or implement thread watchdogs to cap and timeout parse runtimes."
    },
    {
      "lang": "es",
      "value": "jsoup es una biblioteca Java para trabajar con HTML. Aquellos usando versiones de jsoup anteriores a 1.14.2 para analizar HTML o XML no confiables pueden ser vulnerables a ataques DOS. Si el analizador es ejecutado con una entrada suministrada por el usuario, un atacante puede suministrar contenido que cause que el analizador se atasque (un bucle indefinido hasta que se cancele), para completarse m\u00e1s lentamente de lo habitual o que lance una excepci\u00f3n inesperada. Este efecto puede permitir un ataque de denegaci\u00f3n de servicio. El problema est\u00e1 parcheado en versi\u00f3n 1.14.2. Se presentan algunas soluciones disponibles. Los usuarios pueden limitar el an\u00e1lisis de las entradas, limitar el tama\u00f1o de las entradas en funci\u00f3n de los recursos del sistema, y/o implementar controles de hilos para limitar el tiempo de ejecuci\u00f3n del an\u00e1lisis."
    }
  ],
  "id": "CVE-2021-37714",
  "lastModified": "2024-11-21T06:15:46.567",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-08-18T15:15:08.023",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://jsoup.org/news/release-1.14.1"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://jsoup.org/news/release-1.14.2"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://lists.apache.org/thread.html/r215009dbf7467a9f6506d0c0024cb36cad30071010e62c9352cfaaf0%40%3Cissues.maven.apache.org%3E"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://lists.apache.org/thread.html/r377b93d79817ce649e9e68b3456e6f499747ef1643fa987b342e082e%40%3Cissues.maven.apache.org%3E"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://lists.apache.org/thread.html/r3d71f18adb78e50f626dde689161ca63d3b7491bd9718fcddfaecba7%40%3Cissues.maven.apache.org%3E"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://lists.apache.org/thread.html/r50e9c9466c592ca9d707a5dea549524d19e3287da08d8392f643960e%40%3Cissues.maven.apache.org%3E"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://lists.apache.org/thread.html/r685c5235235ad0c26e86d0ee987fb802c9675de6081dbf0516464e0b%40%3Cnotifications.james.apache.org%3E"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://lists.apache.org/thread.html/r97404676a5cf591988faedb887d64e278f522adcaa823d89ca69defe%40%3Cnotifications.james.apache.org%3E"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://lists.apache.org/thread.html/rc3354080fc67fb50b45b3c2d12dc4ca2a3c1c78dad3d3ba012c038aa%40%3Cnotifications.james.apache.org%3E"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20220210-0022/"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://jsoup.org/news/release-1.14.1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://jsoup.org/news/release-1.14.2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r215009dbf7467a9f6506d0c0024cb36cad30071010e62c9352cfaaf0%40%3Cissues.maven.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r377b93d79817ce649e9e68b3456e6f499747ef1643fa987b342e082e%40%3Cissues.maven.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r3d71f18adb78e50f626dde689161ca63d3b7491bd9718fcddfaecba7%40%3Cissues.maven.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r50e9c9466c592ca9d707a5dea549524d19e3287da08d8392f643960e%40%3Cissues.maven.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r685c5235235ad0c26e86d0ee987fb802c9675de6081dbf0516464e0b%40%3Cnotifications.james.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r97404676a5cf591988faedb887d64e278f522adcaa823d89ca69defe%40%3Cnotifications.james.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/rc3354080fc67fb50b45b3c2d12dc4ca2a3c1c78dad3d3ba012c038aa%40%3Cnotifications.james.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20220210-0022/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-248"
        },
        {
          "lang": "en",
          "value": "CWE-835"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-835"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.