Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.24 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

FasterXML jackson-core 安全漏洞

FasterXML jackson-core is an open-source API software developed by FasterXML. Versions of FasterXML jackson-core from 3.0.0 to 3.1.0 contained security vulnerabilities. These vulnerabilities stemmed from bypassing the nested depth limit during JSON parsing, which could lead to stack overflows and...

ai.agentican:agentican-framework-core (>=0.1.0-alpha.1 <=0.1.0-alpha.3), ai.agentican:agentican-quarkus-deployment (>=0.1.0-alpha.1 <=0.1.0-alpha.3) +4524 more potentially affected by unknown CVE via tools.jackson.core:jackson-core (>=3.0.0 <=3.1.0-rc1)

tools.jackson.core:jackson-core MAVEN version =3.0.0, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.2, =0.1.0, =0.1.0, =0.7.6, =0.7.17 and more Source cves: unknown CVE Source...

Security Bulletin: Rational Performance Tester contains vulnerabilities which could result in a potential denial of service

Summary Due to the use of the Jackson Data Processor, Rational Performance Tester contains vulnerabilities could result in a potentail denial of service attack. CVE-2025-52999, CVE-2022-0468 Vulnerability Details CVEID:CVE-2025-52999 DESCRIPTION: jackson-core contains core low-level incremental...

DoS (Denial of Service) com.fasterxml.jackson.core:jackson-core Dependency in Bitbucket Data Center and Server

This High severity DoS Denial of Service vulnerability was introduced in version 8.19.0 and 9.4.0 of Bitbucket Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 8.7, allows an attacker to perform actions to degrade service, which has no impact to...

Security Bulletin: Denial of Service Vulnerability in jackson-core affect IBM Cloud Pak System[WS-2022-0468]

Summary Denial of Service Vulnerability in jackson-core was addressed in IBM Cloud Pak System version 2.3.6.0. Vulnerability Details ID:WS-2022-0468 DESCRIPTION: The jackson-core package is vulnerable to a Denial of Service DoS attack. The methods in the classes listed below fail to restrict inpu...

TencentOS Server 4: jackson-core (TSSA-2025:0585)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0585 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

ROS-20251006-12

A vulnerability in a library that provides basic functionality for data serialization and deserialization Jackson Core, is related to the fact that when parsing JSON from an array of bytes with offset and length, an exception message is erroneously read from the beginning of the array. exception...

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in jackson-core-2.10.3.jar

Summary IBM Watson Discovery Cartridge contains a vulnerable version of jackson-core-2.10.3.jar Vulnerability Details CVEID:CVE-2025-52999 DESCRIPTION: jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. In versions prior ...

Important: Red Hat Security Advisory: pki-deps:10.6 security update

An update for the pki-deps:10.6 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: pki-deps:10.6 security update

An update for the pki-deps:10.6 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated...

Important: Red Hat Security Advisory: pki-deps:10.6 security update

An update for the pki-deps:10.6 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A...

RHEL 8 : pki-deps:10.6 (RHSA-2025:14116)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:14116 advisory. The Public Key Infrastructure PKI Core contains fundamental packages required by Red Hat Certificate System. Security Fixes:...

Linux Distros Unpatched Vulnerability : CVE-2025-49128

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jackson-core contains core low-level incremental streaming parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and prior...

AlmaLinux 8 : pki-deps:10.6 (ALSA-2025:14126)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:14126 advisory. com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError CVE-2025-52999 Tenable has extracted the preceding description block directly...

Security Bulletin: IBM Engineering Lifecycle Optimization - Publishing - The jackson-core package is vulnerable to a Denial of Service (DoS) attack

Summary There is a Jackson-Core vulnerability shipped with IBM Engineering Lifecycle Optimization - Publishing. Following IBM® Engineering Lifecycle Management product is vulnerable to this attack, it has been addressed in this bulletin: IBM Engineering Lifecycle Optimization - Publishing...

Amazon Linux 2023 : jackson-core (ALAS2023-2025-1063)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1063 advisory. Jackson-core contains core low-level incremental streaming parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and prior to version 2.13.0, a flaw in...

Amazon Linux 2 : aws-kinesis-agent (ALAS-2025-2898)

The version of aws-kinesis-agent installed on the remote host is prior to 2.0.12-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2898 advisory. Jackson-core contains core low-level incremental streaming parser and generator abstractions used by Jackson Data...

Amazon Linux 2023 : aws-kinesis-agent (ALAS2023-2025-1024)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1024 advisory. Jackson-core contains core low-level incremental streaming parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and prior to version 2.13.0, a flaw in...

Jackson-core Vulnerable to Memory Disclosure via Source Snippet in JsonLocation

Overview A flaw in Jackson-core's JsonLocation.appendSourceDesc method allows up to 500 bytes of unintended memory content to be included in exception messages. When parsing JSON from a byte array with an offset and length, the exception message incorrectly reads from the beginning of the array...