jackson-core-2.11.3 - vulnerability

Install java, groovy and native applications as services or daemons

Brought to you by: john1900, rzorzorzo

#32 jackson-core-2.11.3 - vulnerability

Milestone: Any

Status: closed-fixed

Owner: rzo

Labels: None

Priority: 5

Updated: 2024-11-15

Created: 2024-06-25

Creator: Ravi Raj

Private: No

Blackduck Scan: BDSA-2022-4307

Description
FasterXML Jackson Core does not restrict the size of certain numeric types. A remote attacker able to supply specially crafted serialized data to an application that deserializes it, could cause excessive resource consumption resulting in a denial-of-service (DoS).

Discussion

rzo - 2024-07-02

status: open --> open-accepted
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

rzo - 2024-11-15

status: open-accepted --> closed-fixed
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

rzo - 2024-11-15

13.13

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

jackson-core-2.11.3 - vulnerability

Install java, groovy and native applications as services or daemons

Group

Searches

Help

#32 jackson-core-2.11.3 - vulnerability

Discussion