Vulnerability Database
289,599
Total vulnerabilities in the database
CVE-2020-28491
This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 0 and before 2.11.4, from 2.12.0-rc1 and before 2.12.1. Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception.
| Software | From | Fixed in |
|---|---|---|
| fasterxml / jackson-dataformats-binary | 2.12.0.x | 2.12.1 |
| fasterxml / jackson-dataformats-binary | - | 2.11.4 |
| fasterxml / jackson-dataformats-binary | 2.12.0 | 2.12.0.x |
| fasterxml / jackson-dataformats-binary | 2.12.0-rc1 | 2.12.0-rc1.x |
| fasterxml / jackson-dataformats-binary | 2.12.0-rc2 | 2.12.0-rc2.x |
| quarkus / quarkus | - | 2.0.2 |
| oracle / weblogic_server | 12.2.1.3.0 | 12.2.1.3.0.x |
| oracle / weblogic_server | 12.2.1.4.0 | 12.2.1.4.0.x |
| oracle / weblogic_server | 14.1.1.0.0 | 14.1.1.0.0.x |
com.fasterxml.jackson.dataformat / jackson-dataformat-cbor
|
2.8.0rc1 | 2.11.4 |
|
com.fasterxml.jackson.dataformat / jackson-dataformat-cbor
|
2.12.0rc1 | 2.12.1 |
- https://github.com/FasterXML/jackson-dataformats-binary/commit/3d7de83423f8f68f8e9a0c8250084e11818544c7
- https://github.com/FasterXML/jackson-dataformats-binary/commit/de072d314af8f5f269c8abec6930652af67bc8e6
- https://github.com/FasterXML/jackson-dataformats-binary/issues/186
- https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONDATAFORMAT-1047329
- https://www.oracle.com/security-alerts/cpujul2022.html