RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.4.24 (RHSA-2026:4916)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4916 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.24 (RHSA-2026:4915)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4915 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

MiracleLinux 9 : jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base (AXSA:2025-10737:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10737:01 advisory. com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError CVE-2025-52999 Tenable has extracted the preceding description block...

MiracleLinux 8 : pki-deps:10.6 (AXSA:2025-10775:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10775:01 advisory. com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError CVE-2025-52999 Tenable has extracted the preceding description block...

CLSA-2025-1764858279 jackson-databind: Fix of 2 CVEs

Removed CVE-2020-36518.patch: jackson-databind 2.14.1-1 is not affected - Rebuilt with the CVE-2025-52999: fixed jackson-core version...

CLSA-2025-1764847045 jackson-annotations: Fix of CVE-2025-52999

Rebuilt with the CVE-2025-52999: fixed jackson-core version - Fixed build: removed unavailable jackson-parent dependencies...

CLSA-2025-1764772111 jackson-modules-base: Fix of CVE-2025-52999

Rebuilt with the CVE-2025-52999: fixed jackson-core version - Fixed build: replaced missing packages with a patch for PackageVersion...

CLSA-2025-1764235184 jackson-core: Fix of CVE-2025-52999

CVE-2025-52999: add StreamReadConstraints to protect against DoS attacks via deeply nested structures and oversized inputs...

Security Bulletin: Security vulnerability affect IBM Business Automation Workflow - CVE-2025-52999

Summary IBM Business Automation Workflow Case documentation in before 25.0.0 built upon a version of DITA, which packages a vulnerable copy of jackson-core. Vulnerability Details CVEID:CVE-2025-52999 DESCRIPTION: jackson-core contains core low-level incremental "streaming" parser and generator...

Splunk Enterprise 9.2.0 < 9.2.9, 9.3.0 < 9.3.7, 9.4.0 < 9.4.5, 10.0.0 < 10.0.1 (SVD-2025-1103)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-1103 advisory. - jackson-core contains core low-level incremental streaming parser and generator abstractions used by Jackson Data Processor. ...

Security Bulletin: vulerability in IBM Spectrum Symphony with jackson-core

Summary vulerability in IBM Spectrum Symphony with jackson-core Vulnerability Details CVEID:CVE-2025-52999 DESCRIPTION: jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a user parses an...

jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base security update

An update is available for jackson-core, jackson-jaxrs-providers, jackson-databind, jackson-modules-base, jackson-annotations. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

RLSA-2025:12280 Important: jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base security update

Core part of Jackson that defines Streaming API as well as basic shared abstractions. Security Fixes: com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError CVE-2025-52999 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

RockyLinux 9 : jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base (RLSA-2025:12280)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:12280 advisory. com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError CVE-2025-52999 Tenable has extracted the preceding description block directly...

RLSA-2025:14126 Important: pki-deps:10.6 security update

The Public Key Infrastructure PKI Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. Security Fixes: com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError CVE-2025-52999 For more details about the security issues,...

pki-deps:10.6 security update

An update is available for module.relaxngDatatype, module.jackson-core, apache-commons-collections, module.xml-commons-apis, glassfish-jaxb-api, apache-commons-net, xalan-j2, xmlstreambuffer, xsom, xml-commons-apis, module.slf4j, stax-ex, module.glassfish-jaxb-api, module.bea-stax, relaxngDatatyp...

RockyLinux 8 : pki-deps:10.6 (RLSA-2025:14126)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:14126 advisory. com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError CVE-2025-52999 Tenable has extracted the preceding description block directly...

Important: Red Hat Security Advisory: pki-deps:10.6 security update

An update for the pki-deps:10.6 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

Important: Red Hat Security Advisory: pki-deps:10.6 security update

An update for the pki-deps:10.6 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RHEL 8 : pki-deps:10.6 (RHSA-2025:14127)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:14127 advisory. The Public Key Infrastructure PKI Core contains fundamental packages required by Red Hat Certificate System. Security Fixes:...