RHSA-2023:2312-01 -- Redhat jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, jackson-modules-base, pki-jackson-annotations, pki-jackson-core, pki-jackson-databind, pki-jackson-jaxrs-json-provider, pki-jackson-jaxrs-providers, pki-jackson-module-jaxb-annotationsID: oval:org.secpod.oval:def:507662 | Date: (C)2023-05-22 (M)2023-12-26 |
Class: PATCH | Family: unix |
Jackson is a suite of data-processing tools for Java, including the flagship streaming JSON parser / generator library, matching data-binding library, and additional modules to process data encoded in various other data formats. Security Fix: * jackson-databind: denial of service via a large depth of nested objects For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.2 Release Notes linked from the References section.
Platform: |
Red Hat Enterprise Linux 9 |
Product: |
pki-jackson-annotations |
pki-jackson-core |
pki-jackson-databind |
pki-jackson-jaxrs-json-provider |
pki-jackson-jaxrs-providers |
pki-jackson-module-jaxb-annotations |