Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.7
CVSSv3

CVE-2023-35116

Published: 14/06/2023 Updated: 11/04/2024
CVSS v3 Base Score: 4.7 | Impact Score: 3.6 | Exploitability Score: 1
VMScore: 0
Subscribe to Jackson-databind

Vulnerability Summary

jackson-databind up to and including 2.15.2 allows malicious users to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that this is not a valid vulnerability report, because the steps of constructing a cyclic data structure and trying to serialize it cannot be achieved by an external attacker.

Vulnerable Product Search on Vulmon Subscribe to Product

fasterxml jackson-databind

Vendor Advisories

Red Hat: Moderate: Red Hat Data Grid 8.4.4 security update
Synopsis Moderate: Red Hat Data Grid 844 security update Type/Severity Security Advisory: Moderate Topic An update for Red Hat Data Grid 8 is now availableRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i ...
Red Hat: Moderate: Migration Toolkit for Runtimes security, bug fix and enhancement update
Synopsis Moderate: Migration Toolkit for Runtimes security, bug fix and enhancement update Type/Severity Security Advisory: Moderate Topic Migration Toolkit for Runtimes 124 releaseRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a de ...
Red Hat: Important: jenkins and jenkins-2-plugins security update
Synopsis Important: jenkins and jenkins-2-plugins security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for ...

References

CWE-770https://github.com/FasterXML/jackson-databind/issues/3972https://access.redhat.com/errata/RHSA-2023:5396https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook