13 matches found
[SECURITY] [DLA 4623-1] jackson-core security update
Debian LTS Advisory DLA-4623-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 08, 2026 https://wiki.debian.org/LTS Package : jackson-core Version : 2.14.1-2deb11u1 CVE ID : CVE-2025-49128 CVE-2025-52999 Debian Bug : 1108367 Two security vulnerabilities have...
Oracle Enterprise Manager Cloud Control (October 2025 CPU)
The 13.5 and 24.1 versions of Enterprise Manager Base Platform installed on the remote host are affected by a vulnerability as referenced in the October 2025 CPU advisory. - Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Security Framework...
Linux Distros Unpatched Vulnerability : CVE-2025-49128
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jackson-core contains core low-level incremental streaming parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and prior...
Medium: jackson-core
Issue Overview: Jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and prior to version 2.13.0, a flaw in jackson-core's JsonLocation.appendSourceDesc method allows up to 500 bytes of unintended...
Medium: aws-kinesis-agent
Issue Overview: Jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and prior to version 2.13.0, a flaw in jackson-core's JsonLocation.appendSourceDesc method allows up to 500 bytes of unintended...
Medium: aws-kinesis-agent
Issue Overview: Jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and prior to version 2.13.0, a flaw in jackson-core's JsonLocation.appendSourceDesc method allows up to 500 bytes of unintended...
Medium: aws-kinesis-agent
Issue Overview: Jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and prior to version 2.13.0, a flaw in jackson-core's JsonLocation.appendSourceDesc method allows up to 500 bytes of unintended...
CVE-2025-49128 vulnerabilities
Vulnerabilities for packages: scala, datadog-jmxfetch, druid, tez, spark...
CVE-2025-49128
A flaw was found in the Jackson-core JsonLocation.appendSourceDesc method. This vulnerability allows up to 500 bytes of unintended memory content to be included in exception messages. This issue may lead to unintended information disclosure. Mitigation If upgrading is not immediately possible,...
CVE-2025-49128
Jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and prior to version 2.13.0, a flaw in jackson-core's JsonLocation.appendSourceDesc method allows up to 500 bytes of unintended memory content t...
CVE-2025-49128 Jackson-core Vulnerable to Memory Disclosure via Source Snippet in JsonLocation
Jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and prior to version 2.13.0, a flaw in jackson-core's JsonLocation.appendSourceDesc method allows up to 500 bytes of unintended memory content t...
CVE-2025-49128
Jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and prior to version 2.13.0, a flaw in jackson-core's JsonLocation.appendSourceDesc method allows up to 500 bytes of unintended memory content t...
CVE-2025-49128 Jackson-core Vulnerable to Memory Disclosure via Source Snippet in JsonLocation
Jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and prior to version 2.13.0, a flaw in jackson-core's JsonLocation.appendSourceDesc method allows up to 500 bytes of unintended memory content t...