VYPR
Moderate severityNVD Advisory· Published Sep 16, 2022· Updated Apr 21, 2025

Stack Buffer Overflow in Woodstox

CVE-2022-40152

Description

Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks (DOS) if DTD support is enabled. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
com.fasterxml.woodstox:woodstox-coreMaven
>= 6.0.0, < 6.4.06.4.0
com.fasterxml.woodstox:woodstox-coreMaven
< 5.4.05.4.0

Affected products

71

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.