Lucene search
RedHatRHSA-2023:2312HistoryMay 09, 2023 - 5:07 a.m.
(RHSA-2023:2312) Moderate: jackson security update
2023-05-0905:07:11
access.redhat.com
14
0.002 Low
EPSS
Percentile
59.7%
Jackson is a suite of data-processing tools for Java, including the flagship streaming JSON parser / generator library, matching data-binding library, and additional modules to process data encoded in various other data formats.
Security Fix(es):
- jackson-databind: denial of service via a large depth of nested objects (CVE-2020-36518)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.2 Release Notes linked from the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 9 | noarch | pki-jackson-module-jaxb-annotations | <Â 2.14.1-2.el9 | pki-jackson-module-jaxb-annotations-2.14.1-2.el9.noarch.rpm |
| RedHat | 9 | noarch | pki-jackson-databind | <Â 2.14.1-2.el9 | pki-jackson-databind-2.14.1-2.el9.noarch.rpm |
| RedHat | 9 | noarch | pki-jackson-core | <Â 2.14.1-2.el9 | pki-jackson-core-2.14.1-2.el9.noarch.rpm |
| RedHat | 9 | noarch | pki-jackson-annotations | <Â 2.14.1-1.el9 | pki-jackson-annotations-2.14.1-1.el9.noarch.rpm |
| RedHat | 9 | noarch | pki-jackson-jaxrs-json-provider | <Â 2.14.1-2.el9 | pki-jackson-jaxrs-json-provider-2.14.1-2.el9.noarch.rpm |
| RedHat | 9 | noarch | pki-jackson-jaxrs-providers | <Â 2.14.1-2.el9 | pki-jackson-jaxrs-providers-2.14.1-2.el9.noarch.rpm |
Related
veracode
veracode
Denial Of Service (DoS)
2022-03-14 09:02:56
wolfi
wolfi
CVE-2020-36518 vulnerabilities
2024-05-20 15:55:23
ibm
ibm
nessus
nessus
Oracle Primavera P6 Enterprise Project Portfolio Management (Jul 2022 CPU)
2022-10-05 00:00:00
Oracle Linux 9 : jackson (ELSA-2023-2312)
2023-05-15 00:00:00
atlassian
atlassian
Bump jackson-databind dependency to 2.13.4.2
2023-01-12 09:57:47
debian
debian
[SECURITY] [DLA 2990-1] jackson-databind security update
2022-05-02 18:33:45
[SECURITY] [DLA 3207-1] jackson-databind security update
2022-11-27 18:54:15
[SECURITY] [DSA 5283-1] jackson-databind security update
2022-11-17 11:33:20
cve
cve
CVE-2020-36518
2022-03-11 07:15:00
ubuntucve
ubuntucve
CVE-2020-36518
2022-03-11 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-2990-1)
2022-05-03 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:1678-1)
2022-05-17 00:00:00
Debian: Security Advisory (DLA-3207-1)
2022-11-28 00:00:00
redhat
redhat
osv
osv
jackson-databind - security update
2022-05-02 00:00:00
Moderate: jackson security update
2023-05-09 00:00:00
CVE-2020-36518
2022-03-11 07:15:07
prion
prion
Design/Logic Flaw
2022-03-11 07:15:00
redhatcve
redhatcve
CVE-2020-36518
2022-03-16 11:47:03
freebsd
freebsd
kafka -- Denial Of Service vulnerability
2022-03-11 00:00:00
github
github
Deeply nested json in jackson-databind
2022-03-12 00:00:36
Apiman Manager API affected by Jackson denial of service vulnerability
2023-01-09 20:05:31
oraclelinux
oraclelinux
jackson security update
2023-05-15 00:00:00
cvelist
cvelist
CVE-2020-36518
2022-03-11 00:00:00
almalinux
almalinux
Moderate: jackson security update
2023-05-09 00:00:00
cgr
cgr
CVE-2020-36518 vulnerabilities
2024-05-19 03:07:16
debiancve
debiancve
CVE-2020-36518
2022-03-11 07:15:00
mageia
mageia
Updated jackson-databind packages fix security vulnerabilities
2024-03-16 19:28:17
suse
suse
hp
hp
HP Device Manager Security Updates
2023-10-20 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2023
2023-10-17 00:00:00
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00