Bugzilla – Bug 1203524
VUL-0: CVE-2022-40155: xstream: stackoverflow in XML serialization
Last modified: 2022-10-12 09:08:37 UTC
Those using Xstream to serialise XML data may be vulnerable to Denial of Service
attacks (DOS). If the parser is running on user supplied input, an attacker may
supply content that causes the parser to crash by stack overflow. This effect
may support a denial of service attack.
Upstream issue is being discussed. Tracking SUSE:SLE-15-SP2:Update as affected