ROOT-APP-MAVEN-GHSA-72HV-8253-57QQ GHSA-72hv-8253-57qq in io.root.com.fasterxml.jackson.core:jackson-core - Patched by Root

Root has patched GHSA-72hv-8253-57qq in the io.root.com.fasterxml.jackson.core:jackson-core package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2025-52999 CVE-2025-52999 in io.root.com.fasterxml.jackson.core:jackson-core - Patched by Root

Root has patched CVE-2025-52999 in the io.root.com.fasterxml.jackson.core:jackson-core package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-GHSA-2M67-WJPJ-XHG9 GHSA-2m67-wjpj-xhg9 in io.root.tools.jackson.core:jackson-core - Patched by Root

Root has patched GHSA-2m67-wjpj-xhg9 in the io.root.tools.jackson.core:jackson-core package for Root:Maven. Multiple fixed versions available...

Security Bulletin: Vulnarability in jackson-core library (WS-2026-0003) affects Power HMC.

Summary The jackson-core library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async JSON parser in jackson-core bypasses the maxNumberLength constraint default: 1000 characters defined i...

Debian dsa-6336 : libjackson2-core-java - security update

The remote Debian 12 / 13 host has a package installed that is affected by a vulnerability as referenced in the dsa-6336 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6336-1 [email protected] https://www.debian.org/security/...

[SECURITY] [DSA 6336-1] jackson-core security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6336-1 [email protected] https://www.debian.org/security/ Markus Koschany June 10, 2026 https://www.debian.org/security/faq -...

[SECURITY] [DLA 4623-1] jackson-core security update

Debian LTS Advisory DLA-4623-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 08, 2026 https://wiki.debian.org/LTS Package : jackson-core Version : 2.14.1-2deb11u1 CVE ID : CVE-2025-49128 CVE-2025-52999 Debian Bug : 1108367 Two security vulnerabilities have...

Debian dla-4623 : libjackson2-core-java - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4623 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4623-1 [email protected]...

Security Bulletin: Vulnerability in jackson-core-2.15.2.jar

Summary Vulnerability in jackson-core-2.15.2.jar Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async JSON parser in jackson-core bypasses the maxNumberLength constraint default: 1000 characters defined in StreamReadConstraints. This allows an attacker to send JSON with...

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in jackson-core-2.14.2.jar

Summary IBM Watson Discovery Cartridge affected by vulnerability in jackson-core-2.14.2.jar Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async JSON parser in jackson-core bypasses the maxNumberLength constraint default: 1000 characters defined in StreamReadConstraints. This...

Security Bulletin: IBM Maximo Application Suite - Predict Component uses jackson-core-2.18.2.jar which is vulnerable to WS-2026-0003

Summary Security Bulletin: IBM Maximo Application Suite - Predict Component uses jackson-core-2.18.2.jar which is vulnerable to WS-2026-0003. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async...

Atlassian Jira Service Management Data Center and Server 11.2.0 < 11.3.5 (JSDSERVER-16576)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16576 advisory. - jackson-core contains core low-level incremental streaming parser and generator abstractions used by...

Security Bulletin: Due to the use of Jackson Core, CICS Transaction Gateway Desktop Edition is vulnerable to a Denial of Service (DoS) vulnerability.

Summary Due to the use of Jackson Core, CICS Transaction Gateway Desktop Edition is vulnerable to a Denial of Service vulnerability. Jackson Core has been updated within CICS Transaction Gateway Desktop Edition in order to address the vulnerability. Vulnerability Details ID:WS-2026-0003...

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to a Denial of Service due to jackson-core ( WS-2026-0003 )

Summary IBM App Connect Enterprise and IBM Integration Bus for z/OS runtime and toolkit are vulnerable to a Denial of Service due to jackson-core. Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async JSON parser in jackson-core bypasses the maxNumberLength constraint default:...

Security Bulletin: IBM SPSS Analytic Server is affected by a jackson-core async parser DoS vulnerability (WS-2026-0003)

Summary IBM SPSS Analytic Server is affected by a jackson-core async parser DoS vulnerability WS-2026-0003. This has been addressed in the remediation section. Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async JSON parser in jackson-core bypasses the maxNumberLength...

RCE (Remote Code Execution) at com.fasterxml.jackson.core:jackson-core dependency in Crucible Server

This High severity RCE Remote Code Execution vulnerability was introduced in version 4.9.0 of Crucible Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.7 and a CVSS Vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N allows an unauthenticated...

DoS (Denial of Service) at jackson-core dependency in Bamboo Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 12.0.0 and 12.1.0 of Bamboo Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 8.7 and a CVSS Vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N allows an...

Security Bulletin: MongoDB Enterprised Advanced affected by: Denial of Service Caused by Improper JSON Parser (WS-2026-0003)

Summary There is a vulnerability in jackson-core-2.15.0.jar, jackson-core-2.18.3.jar, jackson-core-2.19.2.jar, jackson-core-2.19.4.jar used in MongoDB Enterprised Advanced for IBM, involving WS-2026-0003. The vulnerability has been addressed. Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The...

Security Bulletin: IBM App Connect for Manufacturing is vulnerable to multiple vulnerabilities due to Netty and jackson-core (CVE-2026-33870, WS-2026-003)

Summary IBM App Connect for Manufacturing is vulnerable to a request smuggling attack and a Denial of Service attack due to Netty and jackson-core. Vulnerability Details CVEID:CVE-2026-33870 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. In versions prior to...

Security Bulletin: There is a vulnerability in jackson-core-2.15.1.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (WS-2026-0003)

Summary There is a vulnerability in jackson-core-2.15.1.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async JSON parser in jackson-core bypasses the maxNumberLength constraint default: 1000 characters...