An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown. https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/
Created log4j tracking bugs for this issue: Affects: fedora-all [bug 2182793]
This issue has been addressed in the following products: RHINT Camel-Springboot 3.20.1 Via RHSA-2023:2100 https://access.redhat.com/errata/RHSA-2023:2100
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2023-1436
This issue has been addressed in the following products: OpenShift Developer Tools and Services for OCP 4.13 Via RHSA-2023:3622 https://access.redhat.com/errata/RHSA-2023:3622
This issue has been addressed in the following products: RHINT Camel-Springboot 3.18.3.P2 Via RHSA-2023:3641 https://access.redhat.com/errata/RHSA-2023:3641
This issue has been addressed in the following products: OpenShift Developer Tools and Services for OCP 4.11 Via RHSA-2023:3663 https://access.redhat.com/errata/RHSA-2023:3663
This issue has been addressed in the following products: RHINT Camel-Q 2.13.3 Via RHSA-2023:3667 https://access.redhat.com/errata/RHSA-2023:3667
This issue has been addressed in the following products: Red Hat build of Quarkus 2.13.8 Via RHSA-2023:3809 https://access.redhat.com/errata/RHSA-2023:3809
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform Via RHSA-2023:4509 https://access.redhat.com/errata/RHSA-2023:4509
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7 Via RHSA-2023:4505 https://access.redhat.com/errata/RHSA-2023:4505
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8 Via RHSA-2023:4506 https://access.redhat.com/errata/RHSA-2023:4506
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9 Via RHSA-2023:4507 https://access.redhat.com/errata/RHSA-2023:4507
This issue has been addressed in the following products: Red Hat Single Sign-On 7.6 for RHEL 8 Via RHSA-2023:4919 https://access.redhat.com/errata/RHSA-2023:4919
This issue has been addressed in the following products: Red Hat Single Sign-On 7.6 for RHEL 7 Via RHSA-2023:4918 https://access.redhat.com/errata/RHSA-2023:4918
This issue has been addressed in the following products: Red Hat Single Sign-On 7.6 for RHEL 9 Via RHSA-2023:4920 https://access.redhat.com/errata/RHSA-2023:4920
This issue has been addressed in the following products: RHEL-8 based Middleware Containers Via RHSA-2023:4921 https://access.redhat.com/errata/RHSA-2023:4921
This issue has been addressed in the following products: Red Hat Single Sign-On 7.6.5 Via RHSA-2023:4924 https://access.redhat.com/errata/RHSA-2023:4924
This issue has been addressed in the following products: Migration Toolkit for Runtimes 1 on RHEL 8 Via RHSA-2023:7670 https://access.redhat.com/errata/RHSA-2023:7670
This issue has been addressed in the following products: MTA-6.2-RHEL-9 MTA-6.2-RHEL-8 Via RHSA-2024:1027 https://access.redhat.com/errata/RHSA-2024:1027