CVE-2023-1436 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2023-1436 Interim 1 9 2025-08-06T01:56:28Z current 2023-03-23T00:18:45Z 2025-08-06T01:56:28Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2023-1436 An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2023-April/014547.html E-Mail link for SUSE-SU-2023:1948-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 15.4 openSUSE Tumbleweed jettison-1.5.4-1.1 jettison-1.5.4-150200.3.7.1 jettison-javadoc-1.5.4-1.1 jettison-javadoc-1.5.4-150200.3.7.1 jettison-1.5.4-150200.3.7.1 as a component of openSUSE Leap 15.4 jettison-javadoc-1.5.4-150200.3.7.1 as a component of openSUSE Leap 15.4 jettison-1.5.4-1.1 as a component of openSUSE Tumbleweed jettison-javadoc-1.5.4-1.1 as a component of openSUSE Tumbleweed An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown. CVE-2023-1436 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP5:jettison-1.5.4-150200.3.7.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP5:jettison-javadoc-1.5.4-150200.3.7.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP6:jettison-1.5.4-150200.3.7.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP6:jettison-javadoc-1.5.4-150200.3.7.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP7:jettison-1.5.4-150200.3.7.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP7:jettison-javadoc-1.5.4-150200.3.7.1 openSUSE Leap 15.4:jettison-1.5.4-150200.3.7.1 openSUSE Leap 15.4:jettison-javadoc-1.5.4-150200.3.7.1 openSUSE Tumbleweed:jettison-1.5.4-1.1 openSUSE Tumbleweed:jettison-javadoc-1.5.4-1.1 moderate 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H