Uploaded image for project: 'TomEE'
  1. TomEE
  2. TOMEE-4227

Jackson 2.15.2

    XMLWordPrintableJSON

Details

    Description

      Vulnerability Details

      CVE-2023-35116

      Summary: An issue was discovered jackson-databind thru 2.15.2 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that the product is not intended for use with untrusted input.

      Attachments

        Issue Links

          is a clone of

          Dependency upgrade - Upgrading a dependency to a newer version TOMEE-4216 Jackson 2.15.1

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              rzo1 Richard Zowalla
              somasaninikhil Nikhil
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: