CVE-2020-36518 @ Maven-com.fasterxml.jackson.core:jackson-databind-2.0.4 #101

cxronen · 2022-09-20T19:37:09Z

Checkmarx (SCA): Vulnerable Package
Vulnerability: Read More about CVE-2020-36518
Checkmarx Project: cxronen/BookStore_VSCode
Repository URL: https://github.com/cxronen/BookStore_VSCode
Branch: master
Scan ID: 3aaa12b3-552a-4874-ba98-3d364d7d56f6

jackson-databind before 2.12.6.1 and 2.13.x before 2.13.2.1 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: HIGH
Remediation Upgrade Recommendation: 2.3.0.redhat-4

cxronen added SCA project:cxronen/BookStore_VSCode and removed CxSCA labels Sep 18, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2020-36518 @ Maven-com.fasterxml.jackson.core:jackson-databind-2.0.4 #101

CVE-2020-36518 @ Maven-com.fasterxml.jackson.core:jackson-databind-2.0.4 #101

cxronen commented Sep 20, 2022 •

edited

Loading

CVE-2020-36518 @ Maven-com.fasterxml.jackson.core:jackson-databind-2.0.4 #101

CVE-2020-36518 @ Maven-com.fasterxml.jackson.core:jackson-databind-2.0.4 #101

Comments

cxronen commented Sep 20, 2022 • edited Loading

cxronen commented Sep 20, 2022 •

edited

Loading