CVE-2020-36518 @ Maven-com.fasterxml.jackson.core:jackson-databind-2.12.5 #73

SamHeadrickCx · 2023-03-14T20:18:32Z

Checkmarx (SCA): Vulnerable Package
Vulnerability: Read More about CVE-2020-36518
Checkmarx Project: SamHeadrickCx/easybuggy4sb
Repository URL: https://github.com/SamHeadrickCx/easybuggy4sb
Branch: master
Scan ID: 94cbf8fd-fbe8-49c7-9c55-da0658f9cbfc

jackson-databind before 2.12.6.1 and 2.13.x before 2.13.2.1 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: HIGH
Remediation Upgrade Recommendation: 2.12.6.redhat-00001

SamHeadrickCx added SCA project:SamHeadrickCx/easybuggy4sb and removed CxSCA labels Jun 19, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2020-36518 @ Maven-com.fasterxml.jackson.core:jackson-databind-2.12.5 #73

CVE-2020-36518 @ Maven-com.fasterxml.jackson.core:jackson-databind-2.12.5 #73

SamHeadrickCx commented Mar 14, 2023 •

edited

Loading

CVE-2020-36518 @ Maven-com.fasterxml.jackson.core:jackson-databind-2.12.5 #73

CVE-2020-36518 @ Maven-com.fasterxml.jackson.core:jackson-databind-2.12.5 #73

Comments

SamHeadrickCx commented Mar 14, 2023 • edited Loading

SamHeadrickCx commented Mar 14, 2023 •

edited

Loading