rzo
-
2024-07-02
- status: open --> open-accepted
Blackduck Scan: BDSA-2022-4307
Description
FasterXML Jackson Core does not restrict the size of certain numeric types. A remote attacker able to supply specially crafted serialized data to an application that deserializes it, could cause excessive resource consumption resulting in a denial-of-service (DoS).