Security Bulletin: Multiple vulnerabilities in Data-Binding for Jackson shipped with IBM Operations Analytics - Log Analysis

Summary There are multiple vulnerabilities in various versions of Data-Binding functionality for Jackson that affect IBM Operations Analytics - Log Analysis. It has been fixed. The vulnerabilities are listed in the Vulnerability Details section below. Vulnerability Details CVEID:CVE-2020-25649...

Unspecified vulnerability in FasterXML jackson-databind (CNVD-2021-03346)

FasterXML jackson-databind is a generic data binding package for Jackson 2.x. A security vulnerability exists in FasterXML jackson-databind. No details of the vulnerability are provided at this time...

[SECURITY] Fedora 31 Update: jackson-annotations-2.10.0-1.fc31

Core annotations used for value types, used by Jackson data-binding package...

DEBIAN-CVE-2019-17531

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint and the service has the apache-log4j-extra version 1.2.x jar in the classpath, and an...

[SECURITY] Fedora 30 Update: jackson-annotations-2.9.9-1.fc30

Core annotations used for value types, used by Jackson data-binding package...