VulnerableCode Package Details - pkg:maven/com.fasterxml.woodstox/woodstox-core@6.0.0

Search for packages

Vulnerability	Summary	Fixed by
VCID-1xyr-vr5v-tbea Aliases: CVE-2022-40156 GHSA-4rv7-wj6m-6c6r	Denial of Service due to parser crash ## Withdrawn This advisory has been withdrawn because it has been found to be a duplicate. Please see the issue [here](https://github.com/x-stream/xstream/issues/304#issuecomment-1293654236) for more information. ## Original Despcription Those using FasterXML/woodstox to seralize XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack. This vulnerability is only relevant for users making use of the DTD parsing functionality.	6.4.0 Affected by 0 other vulnerabilities.
VCID-9kde-ya39-8bee Aliases: CVE-2022-40155 GHSA-5hc5-c3m9-8vcj	Denial of Service via stack overflow ## Withdrawn This advisory has been withdrawn because it has been found to be a duplicate. Please see the issue [here](https://github.com/x-stream/xstream/issues/304#issuecomment-1293654236) for more information. ## Original Despcription Those using FasterXML/woodstox to serialise XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack. This vulnerability is only relevant for users making use of the DTD parsing functionality.	6.4.0 Affected by 0 other vulnerabilities.
VCID-hqzr-vc5w-9ff5 Aliases: CVE-2022-40152 GHSA-3f7h-mf4q-vrm4	Denial of Service due to parser crash Those using FasterXML/woodstox to seralize XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack. This vulnerability is only relevant for users making use of the DTD parsing functionality.	6.4.0 Affected by 0 other vulnerabilities.
VCID-kkjc-yykt-t3f3 Aliases: CVE-2022-40153 GHSA-fv22-xp26-mm9w	Denial of Service due to parser crash ## Withdrawn This advisory has been withdrawn because it has been found to be a duplicate. Please see the issue [here](https://github.com/x-stream/xstream/issues/304#issuecomment-1293654236) for more information. ## Original Despcription Those using FasterXML/woodstox to seralize XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack. This vulnerability is only relevant for users making use of the DTD parsing functionality.	6.4.0 Affected by 0 other vulnerabilities.
VCID-zcks-qd7r-vkd9 Aliases: CVE-2022-40154 GHSA-9fwf-46g9-45rx	Denial of Service via stack overflow ## Withdrawn This advisory has been withdrawn because it has been found to be a duplicate. Please see the issue [here](https://github.com/x-stream/xstream/issues/304#issuecomment-1293654236) for more information. ## Original Despcription Those using FasterXML/woodstox to serialise XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack. This vulnerability is only relevant for users making use of the DTD parsing functionality.	6.4.0 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-1xyr-vr5v-tbea
Aliases:
CVE-2022-40156
GHSA-4rv7-wj6m-6c6r

Denial of Service due to parser crash ## Withdrawn This advisory has been withdrawn because it has been found to be a duplicate. Please see the issue [here](https://github.com/x-stream/xstream/issues/304#issuecomment-1293654236) for more information. ## Original Despcription Those using FasterXML/woodstox to seralize XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack. This vulnerability is only relevant for users making use of the DTD parsing functionality.