In FasterXML jackson-databind before 2.14.0-rc1, resource exhaustion can occur because of a lack of a check-in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. Additional fix version in 2.13.4.1 and 2.12.17.1

Products Confirmed Not Affected
No Brocade Fibre Channel Products from Broadcom products are known to be affected by this vulnerability.

ibm 79

osv 4

nessus 31

prion 1

atlassian 4

veracode 1

redhatcve 1

ubuntucve 1

f5 1

cve 1

debiancve 1

github 1

gentoo 1

openvas 4

redhat 30

mageia 1

debian 2

freebsd 1

rocky 1

hp 1

oracle 6

ibm

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to FasterXML jackson-databind denial of service (CVE-2022-42003)

2022-12-05 06:49:13

Security Bulletin: IBM Sterling Global Mailbox is vulnerable to denial of service due to FasterXML jackson-databind (CVE-2022-42003)

2023-07-21 12:39:37

Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to denial of service due to FasterXML jackson-databind (CVE-2022-42003)

2023-02-07 16:07:53

osv

CVE-2022-42003

2022-10-02 05:15:09

Uncontrolled Resource Consumption in Jackson-databind

2022-10-03 00:00:31

jackson-databind - security update

2022-11-17 00:00:00

nessus

Atlassian Jira Service Management Data Center and Server 4.20.x < 4.20.27 / 5.4.x < 5.4.11 (JSDSERVER-14751)

2023-12-11 00:00:00

Oracle NoSQL Database Multiple Vulnerabilities (Apr 2023 CPU)

2023-04-20 00:00:00

GLSA-202210-21 : FasterXML jackson-databind: Multiple vulnerabilities

2022-10-31 00:00:00

prion

Code injection

2022-10-02 05:15:00

atlassian

FasterXML Vulnerability in Bitbucket Data Center and Server

2023-10-06 17:45:05

DoS (Denial of Service) com.fasterxml.jackson.core:jackson-databind in Jira Software Data Center and Server

2023-11-12 13:45:23

FasterXML Vulnerability in Jira Service Management Data Center and Server

2023-10-09 01:44:35

veracode

Denial Of Service (DoS)

2022-10-03 10:42:53

redhatcve

CVE-2022-42003

2022-10-17 07:01:04

ubuntucve

CVE-2022-42003

2022-10-02 00:00:00

K000135852 : FasterXML jackson-databind vulnerability CVE-2022-42003

2023-08-15 00:00:00

cve

CVE-2022-42003

2022-10-02 05:15:00

debiancve

CVE-2022-42003

2022-10-02 05:15:00

github

Uncontrolled Resource Consumption in Jackson-databind

2022-10-03 00:00:31

gentoo

FasterXML jackson-databind: Multiple vulnerabilities

2022-10-31 00:00:00

openvas

SUSE: Security Advisory (SUSE-SU-2022:3995-1)

2022-11-16 00:00:00

Mageia: Security Advisory (MGASA-2024-0069)

2024-03-18 00:00:00

Debian: Security Advisory (DSA-5283-1)

2022-11-18 00:00:00

redhat

(RHSA-2023:1151) Critical: Satellite 6.11.5 Async Security Update

2023-03-07 18:53:49

(RHSA-2023:0261) Critical: Satellite 6.12.1 Async Security Update

2023-01-18 14:49:14

(RHSA-2022:9032) Important: Red Hat build of Eclipse Vert.x 4.3.4 security update

2022-12-15 12:38:08

mageia

Updated jackson-databind packages fix security vulnerabilities

2024-03-16 19:28:17

debian

[SECURITY] [DLA 3207-1] jackson-databind security update

2022-11-27 18:53:52

[SECURITY] [DSA 5283-1] jackson-databind security update

2022-11-17 11:17:07

freebsd

cassandra3 -- multiple vulnerabilities

2023-01-11 00:00:00

rocky

Satellite 6.13 Release

2023-05-05 15:39:58

HP Device Manager Security Updates

2023-10-20 00:00:00

oracle

Oracle Critical Patch Update Advisory - October 2023

2023-10-17 00:00:00

Oracle Critical Patch Update Advisory - January 2024

2024-01-16 00:00:00

Oracle Critical Patch Update Advisory - January 2023

2023-01-17 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.9%

JSON

Related for BSNSA22130