CNNVD-202506-3167 Information
CNNVD ID
CNNVD-202506-3167
Related CVE
- CNNVD Published: 2025-06-25
Description (Chinese)
FasterXML jackson-core是FasterXML开源的一个API软件。 FasterXML jackson-core 2.15.0之前版本存在安全漏洞,该漏洞源于处理深度嵌套数据时可能导致堆栈溢出。
Description (English)
FastXML jackson-core is an API open source for FastXML. There was a safety loophole in the previous version of FastXML jackson-core 2.15.0, which stemmed from potential stack spills in the processing of Depth Embedded Data.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
fastify
Published
2025-06-25
Last Modified
2026-02-24
References
https://github.com/FasterXML/jackson-core/security/advisories/GHSA-h46c-h94j-95f3 https://github.com/FasterXML/jackson-core/pull/943 https://nvd.nist.gov/vuln/detail/CVE-2025-52999 https://vigilance.fr/vulnerability/FasterXML-Jackson-Core-denial-of-service-via-Deeply-Nested-Data-47543 https://www.oracle.com/security-alerts/cpuoct2025.html https://www.oracle.com/security-alerts/cpujan2026.html https://access.redhat.com/security/cve/cve-2025-52999
Patch
https://github.com/FasterXML/jackson-core/tags
Share on: