VYPR

Jackson Core

by Fasterxml

Source repositories

CVEs (3)

  • CVE-2025-52999HigJun 25, 2025
    risk 0.50cvss epss 0.01

    jackson-core contains core low-level incremental ("streaming") parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a user parses an input file and it has deeply nested data, Jackson could end up throwing a StackoverflowError if the…

  • CVE-2025-49128MedJun 6, 2025
    risk 0.19cvss 4.0epss 0.00

    Jackson-core contains core low-level incremental ("streaming") parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and prior to version 2.13.0, a flaw in jackson-core's `JsonLocation._appendSourceDesc` method allows up to 500 bytes of…

  • CVE-2026-29062Mar 6, 2026
    risk 0.00cvss epss 0.01

    jackson-core contains core low-level incremental ("streaming") parser and generator abstractions used by Jackson Data Processor. From version 3.0.0 to before version 3.1.0, the UTF8DataInputJsonParser, which is used when parsing from a java.io.DataInput source, bypasses the…