rpm package
almalinux/fasterxml-oss-parent
pkg:rpm/almalinux/fasterxml-oss-parent
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-52999 | Hig | — | < 69-1.module_el8.10.0+4034+20822525 | 69-1.module_el8.10.0+4034+20822525 | Jun 25, 2025 | jackson-core contains core low-level incremental ("streaming") parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a user parses an input file and it has deeply nested data, Jackson could end up throwing a StackoverflowError if the de | |
| CVE-2020-36518 | — | < 49-1.module_el8.10.0+3791+e0637953 | 49-1.module_el8.10.0+3791+e0637953 | Mar 11, 2022 | jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. |
- affected < 69-1.module_el8.10.0+4034+20822525fixed 69-1.module_el8.10.0+4034+20822525
jackson-core contains core low-level incremental ("streaming") parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a user parses an input file and it has deeply nested data, Jackson could end up throwing a StackoverflowError if the de
- CVE-2020-36518Mar 11, 2022affected < 49-1.module_el8.10.0+3791+e0637953fixed 49-1.module_el8.10.0+3791+e0637953
jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.