jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.
Metrics
Affected Vendors & Products
References
History
Wed, 27 Aug 2025 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 25 Jun 2025 14:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat jboss Enterprise Application Platform Eus
|
|
CPEs | cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7 cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7 |
|
Vendors & Products |
Redhat jboss Enterprise Application Platform Eus
|

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2025-08-27T20:34:32.190Z
Reserved: 2022-03-11T00:00:00.000Z
Link: CVE-2020-36518

Updated: 2024-08-04T17:30:08.127Z

Status : Modified
Published: 2022-03-11T07:15:07.800
Modified: 2025-08-27T21:15:36.420
Link: CVE-2020-36518


No data.