Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Fasterxml Subscribe
Filtered by product Jackson-modules-java8
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-1000873 3 Fasterxml, Netapp, Oracle 6 Jackson-modules-java8, Active Iq Unified Manager, Clusterware and 3 more 2021-01-19 4.3 MEDIUM 6.5 MEDIUM
Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service (DoS). This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the nanoseconds field of a time value. This vulnerability appears to have been fixed in 2.9.8.