CVE-2023-3894
Published
CVSS v3
5.8
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
Those using jackson-dataformats-text to parse TOML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.
Uber-project for (some) standard Jackson textual format backends: csv, properties, yaml (xml to be added in future)
GitHub