rpm package
almalinux/pki-jackson-databind
pkg:rpm/almalinux/pki-jackson-databind
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-52999 | Hig | — | < 2.19.1-1.el9_6 | 2.19.1-1.el9_6 | Jun 25, 2025 | jackson-core contains core low-level incremental ("streaming") parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a user parses an input file and it has deeply nested data, Jackson could end up throwing a StackoverflowError if the de | |
| CVE-2020-36518 | — | < 2.14.1-2.el9 | 2.14.1-2.el9 | Mar 11, 2022 | jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. |
- affected < 2.19.1-1.el9_6fixed 2.19.1-1.el9_6
jackson-core contains core low-level incremental ("streaming") parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a user parses an input file and it has deeply nested data, Jackson could end up throwing a StackoverflowError if the de
- CVE-2020-36518Mar 11, 2022affected < 2.14.1-2.el9fixed 2.14.1-2.el9
jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.