Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
Description
Multiple framework and extension components use Jettison for JSON processing.
Jettison 1.5.4 resolves a potential Denial-of-Service issue with infinite recursion when processing a malformed JSON array, as described in CVE-2023-1436.