Lucene search
K

231 matches found

IBM Security Bulletins
IBM Security Bulletins
added yesterday8 views

Security Bulletin: Denial of Service Vulnerability in jackson-core affect IBM Cloud Pak System[WS-2022-0468]

Summary Denial of Service Vulnerability in jackson-core was addressed in IBM Cloud Pak System version 2.3.6.0 and IBM Cloud Pak System version 2.3.5.1 BYOH on power. Vulnerability Details ID:WS-2022-0468 DESCRIPTION: The jackson-core package is vulnerable to a Denial of Service DoS attack. The...

6AI score
Exploits0Affected Software3
OSV
OSV
added 2026/07/02 6:28 a.m.7 views

ROOT-APP-MAVEN-GHSA-72HV-8253-57QQ GHSA-72hv-8253-57qq in io.root.com.fasterxml.jackson.core:jackson-core - Patched by Root

Root has patched GHSA-72hv-8253-57qq in the io.root.com.fasterxml.jackson.core:jackson-core package for Root:Maven. Multiple fixed versions available...

5.8AI score
Exploits0
OSV
OSV
added 2026/07/02 6:19 a.m.11 views

ROOT-APP-MAVEN-CVE-2025-52999 CVE-2025-52999 in io.root.com.fasterxml.jackson.core:jackson-core - Patched by Root

Root has patched CVE-2025-52999 in the io.root.com.fasterxml.jackson.core:jackson-core package for Root:Maven. Multiple fixed versions available...

8.7CVSS7.2AI score0.00634EPSS
Exploits0
OSV
OSV
added 2026/07/01 9:2 a.m.2 views

OPENSUSE-SU-2026:21201-1 Security update for jackson-annotations, jackson-core, jackson-databind

This update for jackson-annotations, jackson-core, jackson-databind fixes the following issues - CVE-2026-54512: jackson-databind has a PolymorphicTypeValidator bypass via generic type parameters that allows arbitrary class instantiation bsc1268897. - CVE-2026-54513: jackson-databind has an array...

8.1CVSS6.1AI score0.00677EPSS
Exploits1References9
OSV
OSV
added 2026/07/01 8:56 a.m.2 views

SUSE-SU-2026:22504-1 Security update for jackson-annotations, jackson-core, jackson-databind

This update for jackson-annotations, jackson-core, jackson-databind fixes the following issues - CVE-2026-54512: jackson-databind has a PolymorphicTypeValidator bypass via generic type parameters that allows arbitrary class instantiation bsc1268897. - CVE-2026-54513: jackson-databind has an array...

8.1CVSS6.1AI score0.00677EPSS
Exploits1References10
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/26 5:3 p.m.3 views

Security Bulletin: Vulnerabilities in jackson-core and UUID might affect IBM Storage Defender Copy Data Management

Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in jackson-core and UUID. Vulnerabilities include jackson-core will throw a StreamConstraintsException if the limit is reached, vulnerable to a Denial of Service DoS attack and making unexpected writes when...

8.7CVSS5.8AI score0.00634EPSS
Exploits1Affected Software1
OSV
OSV
added 2026/06/18 10:39 a.m.5 views

ROOT-APP-MAVEN-CVE-2026-29062 CVE-2026-29062 in io.root.tools.jackson.core:jackson-core - Patched by Root

Root has patched CVE-2026-29062 in the io.root.tools.jackson.core:jackson-core package for Root:Maven. Multiple fixed versions available...

8.7CVSS5.3AI score0.00552EPSS
Exploits0
OSV
OSV
added 2026/06/18 10:39 a.m.7 views

ROOT-APP-MAVEN-GHSA-2M67-WJPJ-XHG9 GHSA-2m67-wjpj-xhg9 in io.root.tools.jackson.core:jackson-core - Patched by Root

Root has patched GHSA-2m67-wjpj-xhg9 in the io.root.tools.jackson.core:jackson-core package for Root:Maven. Multiple fixed versions available...

5.8AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/11 3:37 p.m.16 views

Security Bulletin: Vulnarability in jackson-core library (WS-2026-0003) affects Power HMC.

Summary The jackson-core library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async JSON parser in jackson-core bypasses the maxNumberLength constraint default: 1000 characters defined i...

5.5AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.4 views

Debian dsa-6336 : libjackson2-core-java - security update

The remote Debian 12 / 13 host has a package installed that is affected by a vulnerability as referenced in the dsa-6336 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6336-1 [email protected] https://www.debian.org/security/...

8.7CVSS7.1AI score0.00634EPSS
Exploits0References5
Debian
Debian
added 2026/06/10 9:16 p.m.10 views

[SECURITY] [DSA 6336-1] jackson-core security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6336-1 [email protected] https://www.debian.org/security/ Markus Koschany June 10, 2026 https://www.debian.org/security/faq -...

8.7CVSS6.5AI score0.00634EPSS
Exploits0
Debian
Debian
added 2026/06/08 11:55 a.m.12 views

[SECURITY] [DLA 4623-1] jackson-core security update

Debian LTS Advisory DLA-4623-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 08, 2026 https://wiki.debian.org/LTS Package : jackson-core Version : 2.14.1-2deb11u1 CVE ID : CVE-2025-49128 CVE-2025-52999 Debian Bug : 1108367 Two security vulnerabilities have...

8.7CVSS6.6AI score0.00634EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.11 views

Debian dla-4623 : libjackson2-core-java - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4623 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4623-1 [email protected]...

8.7CVSS7.2AI score0.00634EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/04 4:53 p.m.28 views

Security Bulletin: Vulnerability in jackson-core-2.15.2.jar

Summary Vulnerability in jackson-core-2.15.2.jar Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async JSON parser in jackson-core bypasses the maxNumberLength constraint default: 1000 characters defined in StreamReadConstraints. This allows an attacker to send JSON with...

5.8AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/01 3:14 p.m.30 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in jackson-core-2.14.2.jar

Summary IBM Watson Discovery Cartridge affected by vulnerability in jackson-core-2.14.2.jar Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async JSON parser in jackson-core bypasses the maxNumberLength constraint default: 1000 characters defined in StreamReadConstraints. This...

5.8AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/29 9:1 a.m.34 views

Security Bulletin: IBM Maximo Application Suite - Predict Component uses jackson-core-2.18.2.jar which is vulnerable to WS-2026-0003

Summary Security Bulletin: IBM Maximo Application Suite - Predict Component uses jackson-core-2.18.2.jar which is vulnerable to WS-2026-0003. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async...

5.8AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.11 views

Atlassian Jira Service Management Data Center and Server 11.2.0 < 11.3.5 (JSDSERVER-16576)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16576 advisory. - jackson-core contains core low-level incremental streaming parser and generator abstractions used by...

8.7CVSS5.7AI score0.00552EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/21 3:23 p.m.12 views

Security Bulletin: Due to the use of Jackson Core, CICS Transaction Gateway Desktop Edition is vulnerable to a Denial of Service (DoS) vulnerability.

Summary Due to the use of Jackson Core, CICS Transaction Gateway Desktop Edition is vulnerable to a Denial of Service vulnerability. Jackson Core has been updated within CICS Transaction Gateway Desktop Edition in order to address the vulnerability. Vulnerability Details ID:WS-2026-0003...

5.8AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/19 8:1 a.m.19 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to a Denial of Service due to jackson-core ( WS-2026-0003 )

Summary IBM App Connect Enterprise and IBM Integration Bus for z/OS runtime and toolkit are vulnerable to a Denial of Service due to jackson-core. Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async JSON parser in jackson-core bypasses the maxNumberLength constraint default:...

5.8AI score
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/12 6:24 p.m.19 views

Security Bulletin: IBM SPSS Analytic Server is affected by a jackson-core async parser DoS vulnerability (WS-2026-0003)

Summary IBM SPSS Analytic Server is affected by a jackson-core async parser DoS vulnerability WS-2026-0003. This has been addressed in the remediation section. Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async JSON parser in jackson-core bypasses the maxNumberLength...

5.8AI score
Exploits0Affected Software1
Rows per page
Query Builder