Aaron Coady created TINKERPOP-2948:
--------------------------------------
Summary: PRISMA security vulnerability for jackson-databind 2.14.0
Key: TINKERPOP-2948
URL: https://issues.apache.org/jira/browse/TINKERPOP-2948
Project: TinkerPop
Issue Type: Bug
Components: server
Affects Versions: 3.5.6, 3.6.3
Reporter: Aaron Coady
h1. PRISMA-2023-0067 logged against jackson-databind 2.14.0
[https://github.com/FasterXML/jackson-core/pull/827]
com.fasterxml.jackson.core_jackson-core package versions before 2.15.0 are
vulnerable to Denial of Service (DoS). The package does not properly restrict
the size or amount of resources that are requested or influenced by an actor,
which can be used to consume more resources than intended and leads to
Uncontrolled Resource Consumption ('Resource Exhaustion').