ROOT-APP-MAVEN-GHSA-2M67-WJPJ-XHG9 GHSA-2m67-wjpj-xhg9 in io.root.tools.jackson.core:jackson-core - Patched by Root

Root has patched GHSA-2m67-wjpj-xhg9 in the io.root.tools.jackson.core:jackson-core package for Root:Maven. Multiple fixed versions available...

jackson-core has Nesting Depth Constraint Bypass in `UTF8DataInputJsonParser` potentially allowing Resource Exhaustion

Summary The UTF8DataInputJsonParser, which is used when parsing from a java.io.DataInput source, bypasses the maxNestingDepth constraint default: 500 defined in StreamReadConstraints. A similar issue was found in ReaderBasedJsonParser. This allows a user to supply a JSON document with excessive...