A vulnerability in the JsonMapObjectReaderWriter of Apache CXF allows an attacker to submit malformed JSON to a web service, which results in the thread getting stuck in an infinite loop, consuming CPU indefinitely. This issue affects Apache CXF versions prior to 3.4.4; Apache CXF versions prior to 3.3.11.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
07 Nov 2023, 03:33
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2021-06-16 12:15
Updated : 2024-02-28 18:28
NVD link : CVE-2021-30468
Mitre link : CVE-2021-30468
CVE.ORG link : CVE-2021-30468
JSON object : View
Products Affected
oracle
- communications_element_manager
- communications_messaging_server
- business_intelligence
apache
- cxf
- tomee