CX: Cxced0c06c-935c in Maven-com.fasterxml.jackson.core:jackson-databind and 2.13.0 @ hello-world-java.master

**Description**

A flaw was found in jackson-databind 2.10.x before 2.12.6, 2.13.x before 2.13.1. DoS is possible if using JDK serialization to serialize and deserialize JsonNode values.

**MEDIUM Vulnerable Package** issue exists @ **com.fasterxml.jackson.core:jackson-databind** in branch **master**

**Vulnerability ID:** Cxced0c06c-935c

**Package Name:** com.fasterxml.jackson.core:jackson-databind

**Severity:** MEDIUM

**CVSS Score:** 5.9

**Publish Date:** 2021-11-20T11:04:00

**Current Package Version:** 2.13.0

**Remediation Upgrade Recommendation:** 2.13.1

[Link To SCA](https://sca.checkmarx.net/#/projects/f78fe83c-aa61-4729-8ef7-e65b39520ced/reports/5ae74bc0-38c0-40e4-89f1-1b2462b165bd/vulnerabilities/Cxced0c06c-935c%3AMaven-com.fasterxml.jackson.core%3Ajackson-databind-2.13.0/vulnerabilityDetails/vulnerabilities/Cxced0c06c-935c%3AMaven-com.fasterxml.jackson.core%3Ajackson-databind-2.13.0/vulnerabilityDetails)



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CX: Cxced0c06c-935c in Maven-com.fasterxml.jackson.core:jackson-databind and 2.13.0 @ hello-world-java.master #2

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

CX: Cxced0c06c-935c in Maven-com.fasterxml.jackson.core:jackson-databind and 2.13.0 @ hello-world-java.master #2

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions