13544 2023-08-24 00:20:56 +0300 [CVE 21] jackson-dataformats-text 2.9.8 CVEs found 2023-10-20 17:01:47 +0300 1 1 2 ROSA-based products ROSA Fresh System (kernel, glibc, systemd, bash, PAM...) All All Linux RESOLVED DUPLICATE 13869 CVE-2023-3894, Normal normal --- 1 y.tumanov bugs e.kosachev s.matveev v.potapov y.tumanov 2021.1 oldest_to_newest 68911 0 y.tumanov 2023-08-24 00:20:56 +0300 Please patch CVEs for package jackson-dataformats-text version 2.9.8 INFO (CVEs are): jackson-dataformats-text 2.9.8 cves found CVE-2023-3894 Desc: Those using jackson-dataformats-text to parse TOML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack. Link: https://nvd.nist.gov/vuln/detail/CVE-2023-3894 Severity: HIGH 70195 1 v.potapov 2023-10-20 17:01:47 +0300 *** This bug has been marked as a duplicate of bug 13869 ***