VulnerableCode Package Details - pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.16.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.16.0

purl	pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.16.0

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-w8yc-azv8-yuh1	False Positive jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that this is not a valid vulnerability report, because the steps of constructing a cyclic data structure and trying to serialize it cannot be achieved by an external attacker.	CVE-2023-35116

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T12:51:24.134663+00:00	GitLab Importer	Fixing	VCID-w8yc-azv8-yuh1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2023-35116.yml	38.0.0