jackson-core-2.13.2.jar Cassandra5.0.2

Kapil Shewate (Jira) Sat, 03 May 2025 05:53:06 -0700

Kapil Shewate created CASSANDRA-20617:
-----------------------------------------


             Summary: BDSA-2022-4307 vulnerability is reported by BluckDuck 
scan in apache-cassandra/lib/jackson-core-2.13.2.jar  Cassandra5.0.2
                 Key: CASSANDRA-20617
                 URL: https://issues.apache.org/jira/browse/CASSANDRA-20617
             Project: Apache Cassandra
          Issue Type: Bug
            Reporter: Kapil Shewate


FasterXML Jackson Core does not restrict the size of certain numeric types. A 
remote attacker able to supply specially crafted serialized data to an 
application that deserializes it, could cause excessive resource consumption 
resulting in a denial-of-service (DoS).



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org

[jira] [Created] (CASSANDRA-20617) BDSA-2022-4307 vulnerability is reported by BluckDuck scan in apache-cassandra/lib/jackson-core-2.13.2.jar Cassandra5.0.2

Reply via email to