Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
jackson-databind 2.10.x through 2.12.x before 2.12.6 and 2.13.x before 2.13.1 allows attackers to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FasterXML jackson-databind 安全漏洞
Vulnerability Description
FasterXML jackson-databind是FasterXML公司的一个基于JAVA可以将XML和JSON等数据格式与JAVA对象进行转换的库。Jackson可以轻松的将Java对象转换成json对象和xml文档,同样也可以将json、xml转换成Java对象。 FasterXML jackson-databind 存在安全漏洞,该漏洞源于允许攻击者在涉及JsonNode JDK 序列化的罕见情况下导致拒绝服务。以下产品和版本受到影响:jackson-databind2.10.0至2.13.0版
CVSS Information
N/A
Vulnerability Type
N/A