ishwaryaaaaaaaaaaa / Testing

0 stars 0 forks source link

[From: IBM Concert] [Deprioritized] [Risk score: 75] PRISMA-2023-0067 #7

Closed ishwaryaaaaaaaaaaa closed 1 month ago

ishwaryaaaaaaaaaaa commented 1 month ago

Impacted component: us.icr.io/bravoapps/allegroapp-graph-writer

Description

com.fasterxml.jackson.core_jackson-core package versions before 2.15.0 are vulnerable to Denial of Service (DoS). The package does not properly restrict the size or amount of resources that are requested or influenced by an actor, which can be used to consume more resources than intended and leads to Uncontrolled Resource Consumption (\'Resource Exhaustion\').