vulnerability

CentOS Linux: CVE-2022-42004: Important: Satellite 6.13 Release (CESA-2023:2097)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:N/I:N/A:C)	2022-10-02	2023-05-04	2025-01-28

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

2022-10-02

Added

2023-05-04

Modified

2025-01-28

Description

In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.

Solution(s)

centos-upgrade-foreman-clicentos-upgrade-python39-pulp_manifestcentos-upgrade-rubygem-amazing_printcentos-upgrade-rubygem-apipie-bindingscentos-upgrade-rubygem-clampcentos-upgrade-rubygem-domain_namecentos-upgrade-rubygem-fast_gettextcentos-upgrade-rubygem-fficentos-upgrade-rubygem-ffi-debuginfocentos-upgrade-rubygem-ffi-debugsourcecentos-upgrade-rubygem-foreman_maintaincentos-upgrade-rubygem-gssapicentos-upgrade-rubygem-hammer_clicentos-upgrade-rubygem-hammer_cli_foremancentos-upgrade-rubygem-hammer_cli_foreman_admincentos-upgrade-rubygem-hammer_cli_foreman_ansiblecentos-upgrade-rubygem-hammer_cli_foreman_azure_rmcentos-upgrade-rubygem-hammer_cli_foreman_bootdiskcentos-upgrade-rubygem-hammer_cli_foreman_discoverycentos-upgrade-rubygem-hammer_cli_foreman_googlecentos-upgrade-rubygem-hammer_cli_foreman_openscapcentos-upgrade-rubygem-hammer_cli_foreman_remote_executioncentos-upgrade-rubygem-hammer_cli_foreman_taskscentos-upgrade-rubygem-hammer_cli_foreman_templatescentos-upgrade-rubygem-hammer_cli_foreman_virt_who_configurecentos-upgrade-rubygem-hammer_cli_foreman_webhookscentos-upgrade-rubygem-hammer_cli_katellocentos-upgrade-rubygem-hashiecentos-upgrade-rubygem-highlinecentos-upgrade-rubygem-http-acceptcentos-upgrade-rubygem-http-cookiecentos-upgrade-rubygem-jwtcentos-upgrade-rubygem-little-pluggercentos-upgrade-rubygem-localecentos-upgrade-rubygem-loggingcentos-upgrade-rubygem-mime-typescentos-upgrade-rubygem-mime-types-datacentos-upgrade-rubygem-multi_jsoncentos-upgrade-rubygem-netrccentos-upgrade-rubygem-oauthcentos-upgrade-rubygem-oauth-ttycentos-upgrade-rubygem-powerbarcentos-upgrade-rubygem-rest-clientcentos-upgrade-rubygem-snaky_hashcentos-upgrade-rubygem-unfcentos-upgrade-rubygem-unf_extcentos-upgrade-rubygem-unf_ext-debuginfocentos-upgrade-rubygem-unf_ext-debugsourcecentos-upgrade-rubygem-unicodecentos-upgrade-rubygem-unicode-debuginfocentos-upgrade-rubygem-unicode-debugsourcecentos-upgrade-rubygem-unicode-display_widthcentos-upgrade-rubygem-version_gemcentos-upgrade-satellite-clicentos-upgrade-satellite-clonecentos-upgrade-satellite-maintain

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today