87 matches found
CLSA-2025-1760018305 jackson-databind: Fix of CVE-2020-36518
CVE-2020-36518: fix denial of service via a large depth of nested objects...
Security Bulletin: IBM Engineering Lifecycle Management - Jazz Foundation is impacted by vulnerabilities in FasterXML jackson-databind
Summary Vulnerabilities have been identified in FasterXML jackson-databind, which is used in IBM Engineering Lifecycle Management - Jazz Foundation. Vulnerability Details CVEID:CVE-2022-42003 DESCRIPTION: In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion ca...
MiracleLinux 9 : jackson (AXSA:2023-5805:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5805:01 advisory. jackson-databind: denial of service via a large depth of nested objects CVE-2020-36518 Tenable has extracted the preceding description block directly from th...
Security Bulletin: IBM B2B Advanced Communications is affected by multiple vulnerabilities in log4j
Summary IBM B2B Advanced Communications has addressed vulnerabilities in log4j shipped with productCVE-2022-0084 CVE-2020-36518 CVE-2021-37136 CVE-2022-23913 CVE-2022-24785 Vulnerability Details CVEID:CVE-2022-0084 DESCRIPTION: A flaw was found in XNIO, specifically in the notifyReadClosed method...
CLSA-2025-1764858279 jackson-databind: Fix of 2 CVEs
Removed CVE-2020-36518.patch: jackson-databind 2.14.1-1 is not affected - Rebuilt with the CVE-2025-52999: fixed jackson-core version...
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.1.11 on RHEL 7 (RHSA-2025:9582)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:9582 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
Alibaba Cloud Linux 3 : 0150: pki-core:10.6 and pki-deps:10.6 (ALINUX3-SA-2024:0150)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0150 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-36518: jackson-databind before 2.13.0 allo...
Oracle Siebel Server <= 23.5 (July 2023 CPU)
The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2023 CPU advisory. - Vulnerability in the Siebel CRM product of Oracle Siebel CRM component: EAI JSON-java. Supported versions that are affected are 23.5 and prior...
Security Bulletin: Vulnerability in jackson-databind affects watsonx.data
Summary FasterXML jackson-databind is vulnerable to a denial of service, caused by a Java StackOverflow exception and other causes Vulnerability Details CVEID:CVE-2020-36518 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by a Java StackOverflow exception. By...
pki-core:10.6 and pki-deps:10.6 security update
An update is available for module.slf4j, xerces-j2, javassist, xml-commons-resolver, xml-commons-apis, module.jackson-jaxrs-providers, module.xsom, apache-commons-lang, velocity, module.apache-commons-collections, jackson-core, module.stax-ex, module.jackson-core, pki-core, jackson-jaxrs-provider...
RLSA-2024:3061 Moderate: pki-core:10.6 and pki-deps:10.6 security update
The Public Key Infrastructure PKI Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. Security Fixes: jackson-databind: denial of service via a large depth of nested objects CVE-2020-36518 For more details about the security issues, including th...
RHEL 8 : pki-core:10.6 and pki-deps:10.6 (RHSA-2024:3061)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3061 advisory. The Public Key Infrastructure PKI Core contains fundamental packages required by Red Hat Certificate System. Security Fixes: jackson-databind: denial...
Moderate: Red Hat Security Advisory: pki-core:10.6 and pki-deps:10.6 security update
An update for the pki-core:10.6 and pki-deps:10.6 modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
ALSA-2024:3061 Moderate: pki-core:10.6 and pki-deps:10.6 security update
The Public Key Infrastructure PKI Core contains fundamental packages required by AlmaLinux Certificate System. Security Fixes: jackson-databind: denial of service via a large depth of nested objects CVE-2020-36518 For more details about the security issues, including the impact, a CVSS score,...
Mageia: Security Advisory (MGASA-2024-0069)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Multiple vulnerabilities fixed in IBM Security Verify Governance - Identity Manager software component
Summary Multiple security vulnerabilities have been addressed in IBM Security Verify Governance - Identity Manager software component. Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw...
Security Bulletin: Multiple vulnerabilities has been identified in FasterXML jackson-databind affect IBM Engineering Lifecycle Optimization - Publishing
Summary A security vulnerability has been identified in FasterXML jackson-databind affect IBM Engineering Lifecycle Optimization - Publishing. Information about a security vulnerability affecting jackson-databind has been published in a security bulletin. Vulnerability Details CVEID:CVE-2021-4687...
Security Bulletin: There are several vulnerabilities in jackson-databind used by IBM Maximo Asset Management (CVE-2022-42003, CVE-2022-42004, CVE-2020-36518)
Summary There are several vulnerabilities in jackson-databind used by IBM Maximo Asset Management. Vulnerability Details CVEID:CVE-2022-42003 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in the primitive value deserializers when the...
Important: Red Hat Security Advisory: Red Hat AMQ Streams 2.4.0 release and security update
Red Hat AMQ Streams 2.4.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Oracle Linux 9 : jackson (ELSA-2023-2312)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-2312 advisory. jackson-annotations 2.14.1-1 - Update to version 2.14.1 - Resolves: 2070122 jackson-core 2.14.1-1 - Update to version 2.14.1 - Resolves: 2070122 jackson-databin...