Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.0
purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.0
Next non-vulnerable version 2.13.4.2
Latest non-vulnerable version 2.16.0
Risk 4.0
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-2cup-9gdn-yyhk
Aliases:
CVE-2021-46877
GHSA-3x8x-79m2-3w2w
jackson-databind possible Denial of Service if using JDK serialization to serialize JsonNode jackson-databind 2.10.x through 2.12.x before 2.12.6 and 2.13.x before 2.13.1 allows attackers to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization.
2.13.1
Affected by 3 other vulnerabilities.
VCID-9h46-72hw-bkcr
Aliases:
CVE-2022-42003
GHSA-jjjh-jjxp-wpff
Multiple vulnerabilities have been found in FasterXML jackson-databind, the worst of which could result in denial of service.
2.13.4.2
Affected by 0 other vulnerabilities.
VCID-v2pq-1qhm-4qb9
Aliases:
CVE-2022-42004
GHSA-rgv9-q543-rqg4
Multiple vulnerabilities have been found in FasterXML jackson-databind, the worst of which could result in denial of service.
2.13.4
Affected by 1 other vulnerability.
VCID-v6ek-y7cn-kycd
Aliases:
CVE-2020-36518
GHSA-57j2-w4cx-62h2
Uncontrolled Resource Consumption jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.
2.13.2.1
Affected by 2 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T22:24:19.346027+00:00 GitLab Importer Affected by VCID-2cup-9gdn-yyhk https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2021-46877.yml 38.4.0
2026-04-16T22:11:54.477112+00:00 GitLab Importer Affected by VCID-v2pq-1qhm-4qb9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2022-42004.yml 38.4.0
2026-04-16T22:11:53.709908+00:00 GitLab Importer Affected by VCID-9h46-72hw-bkcr https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2022-42003.yml 38.4.0
2026-04-16T21:42:19.357079+00:00 GitLab Importer Affected by VCID-v6ek-y7cn-kycd https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2020-36518.yml 38.4.0
2026-04-11T23:42:29.511412+00:00 GitLab Importer Affected by VCID-2cup-9gdn-yyhk https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2021-46877.yml 38.3.0
2026-04-11T23:28:43.267561+00:00 GitLab Importer Affected by VCID-v2pq-1qhm-4qb9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2022-42004.yml 38.3.0
2026-04-11T23:28:42.464248+00:00 GitLab Importer Affected by VCID-9h46-72hw-bkcr https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2022-42003.yml 38.3.0
2026-04-11T22:57:49.309744+00:00 GitLab Importer Affected by VCID-v6ek-y7cn-kycd https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2020-36518.yml 38.3.0
2026-04-02T23:46:23.872238+00:00 GitLab Importer Affected by VCID-2cup-9gdn-yyhk https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2021-46877.yml 38.1.0
2026-04-02T23:34:27.207536+00:00 GitLab Importer Affected by VCID-v2pq-1qhm-4qb9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2022-42004.yml 38.1.0
2026-04-02T23:34:26.462676+00:00 GitLab Importer Affected by VCID-9h46-72hw-bkcr https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2022-42003.yml 38.1.0
2026-04-02T23:06:41.246110+00:00 GitLab Importer Affected by VCID-v6ek-y7cn-kycd https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2020-36518.yml 38.1.0
2026-04-02T16:59:08.698325+00:00 GHSA Importer Affected by VCID-2cup-9gdn-yyhk https://github.com/advisories/GHSA-3x8x-79m2-3w2w 38.1.0
2026-04-01T17:56:28.688375+00:00 GitLab Importer Affected by VCID-v2pq-1qhm-4qb9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2022-42004.yml 38.0.0
2026-04-01T17:56:27.889030+00:00 GitLab Importer Affected by VCID-9h46-72hw-bkcr https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2022-42003.yml 38.0.0
2026-04-01T16:03:35.340449+00:00 GHSA Importer Affected by VCID-v2pq-1qhm-4qb9 https://github.com/advisories/GHSA-rgv9-q543-rqg4 38.0.0
2026-04-01T16:03:35.304328+00:00 GHSA Importer Affected by VCID-9h46-72hw-bkcr https://github.com/advisories/GHSA-jjjh-jjxp-wpff 38.0.0
2026-04-01T16:00:04.567207+00:00 GHSA Importer Affected by VCID-v6ek-y7cn-kycd https://github.com/advisories/GHSA-57j2-w4cx-62h2 38.0.0
2026-04-01T12:51:01.251576+00:00 GitLab Importer Affected by VCID-2cup-9gdn-yyhk https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2021-46877.yml 38.0.0
2026-04-01T12:49:40.519002+00:00 GitLab Importer Affected by VCID-v6ek-y7cn-kycd https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2020-36518.yml 38.0.0