jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
| Vendor | Product | Versions | Fixed In |
|---|---|---|---|
| fasterxml | jackson-databind | 2.12.6.1 | - |
| fasterxml | jackson-databind | 2.13.0 - 2.13.2.1 | - |
| oracle | big_data_spatial_and_graph |
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
77
Affected Products
14
References
fasterxml / jackson-databind
| 23.1 |
| - |
| oracle | coherence | - | - |
| oracle | commerce_platform | - | - |
| oracle | commerce_platform | - | - |
| oracle | commerce_platform | - | - |
| oracle | communications_billing_and_revenue_management | 12.0.0.4.0 - 12.0.0.6.0 | - |
| oracle | communications_cloud_native_core_binding_support_function | - | - |
| oracle | communications_cloud_native_core_console | - | - |
| oracle | communications_cloud_native_core_network_repository_function | - | - |
| oracle | communications_cloud_native_core_network_repository_function | - | - |
| oracle | communications_cloud_native_core_network_slice_selection_function | - | - |
| oracle | communications_cloud_native_core_network_slice_selection_function | - | - |
| oracle | communications_cloud_native_core_security_edge_protection_proxy | - | - |
| oracle | communications_cloud_native_core_service_communication_proxy | - | - |
| oracle | communications_cloud_native_core_unified_data_repository | - | - |
| oracle | financial_services_analytical_applications_infrastructure | 8.0.7 - 8.1.0.0 | - |
| oracle | financial_services_analytical_applications_infrastructure | - | - |
| oracle | financial_services_analytical_applications_infrastructure | - | - |
| oracle | financial_services_analytical_applications_infrastructure | - | - |
| oracle | financial_services_behavior_detection_platform | 8.1.1.0 - 8.1.2.1 | - |
| oracle | financial_services_behavior_detection_platform | - | - |
| oracle | financial_services_behavior_detection_platform | - | - |
| oracle | financial_services_crime_and_compliance_management_studio | - | - |
| oracle | financial_services_crime_and_compliance_management_studio | - | - |
| oracle | financial_services_enterprise_case_management | 8.1.1.0 - 8.1.2.1 | - |
| oracle | financial_services_enterprise_case_management | - | - |
| oracle | financial_services_enterprise_case_management | - | - |
| oracle | financial_services_enterprise_case_management | - | - |
| oracle | financial_services_enterprise_case_management | - | - |
| oracle | financial_services_trade-based_anti_money_laundering | - | - |
| oracle | financial_services_trade-based_anti_money_laundering | - | - |
| oracle | global_lifecycle_management_nextgen_oui_framework | 13.9.4.2.2 | - |
| oracle | global_lifecycle_management_nextgen_oui_framework | - | - |
| oracle | global_lifecycle_management_opatch | 12.2.0.1.30 | - |
| oracle | graph_server_and_client | 22.2.0 | - |
| oracle | health_sciences_empirica_signal | - | - |
| oracle | peoplesoft_enterprise_peopletools | - | - |
| oracle | peoplesoft_enterprise_peopletools | - | - |
| oracle | primavera_gateway | 17.12.0 - 17.12.11 | - |
| oracle | primavera_gateway | 18.8.0 - 18.8.14 | - |
| oracle | primavera_gateway | 19.12.0 - 19.12.13 | - |
| oracle | primavera_gateway | 20.12.0 - 20.12.18 | - |
| oracle | primavera_gateway | 21.12.0 - 21.12.1 | - |
| oracle | primavera_p6_enterprise_project_portfolio_management | 17.12.0.0 - 17.12.20.4 | - |
| oracle | primavera_p6_enterprise_project_portfolio_management | 18.8.0.0 - 18.8.25.4 | - |
| oracle | primavera_p6_enterprise_project_portfolio_management | 19.12.0 - 19.12.19.0 | - |
| oracle | primavera_p6_enterprise_project_portfolio_management | 20.12.0.0 - 21.12.4.0 | - |
| oracle | primavera_unifier | 17.0 - 17.12 | - |
| oracle | primavera_unifier | - | - |
| oracle | primavera_unifier | - | - |
| oracle | primavera_unifier | - | - |
| oracle | primavera_unifier | - | - |
| oracle | retail_sales_audit | - | - |
| oracle | sd-wan_edge | - | - |
| oracle | sd-wan_edge | - | - |
| oracle | spatial_studio | 20.1.0 | - |
| oracle | utilities_framework | - | - |
| oracle | utilities_framework | - | - |
| oracle | utilities_framework | - | - |
| oracle | utilities_framework | - | - |
| oracle | utilities_framework | - | - |
| oracle | utilities_framework | - | - |
| oracle | weblogic_server | - | - |
| oracle | weblogic_server | - | - |
| oracle | weblogic_server | - | - |
| debian | debian_linux | - | - |
| debian | debian_linux | - | - |
| debian | debian_linux | - | - |
| netapp | active_iq_unified_manager | - | - |
| netapp | active_iq_unified_manager | - | - |
| netapp | active_iq_unified_manager | - | - |
| netapp | cloud_insights_acquisition_unit | - | - |
| netapp | oncommand_insight | - | - |
| netapp | oncommand_workflow_automation | - | - |
| netapp | snap_creator_framework | - | - |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability
Impact