VulnerableCode Package Details - pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.0-rc1

Search for packages

Vulnerability	Summary	Fixed by
VCID-213j-gkjs-aaab Aliases: CVE-2023-35116	DISPUTED jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that this is not a valid vulnerability report, because the steps of constructing a cyclic data structure and trying to serialize it cannot be achieved by an external attacker.	2.15.3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 2.16.0 Affected by 0 other vulnerabilities.
VCID-gqhw-ngh8-aaap Aliases: CVE-2022-42004 GHSA-rgv9-q543-rqg4	Deserialization of Untrusted Data in FasterXML jackson-databind	2.13.4 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-t7e4-g3fr-aaan Aliases: CVE-2022-42003 GHSA-jjjh-jjxp-wpff	Deserialization of Untrusted Data in FasterXML jackson-databind	2.13.4.1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.13.4.2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.14.0-rc1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-213j-gkjs-aaab
Aliases:
CVE-2023-35116

** DISPUTED ** jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that this is not a valid vulnerability report, because the steps of constructing a cyclic data structure and trying to serialize it cannot be achieved by an external attacker.

2.15.3
Affected by 1 other vulnerability.

2.16.0
Affected by 0 other vulnerabilities.

VCID-gqhw-ngh8-aaap
Aliases:
CVE-2022-42004
GHSA-rgv9-q543-rqg4

Deserialization of Untrusted Data in FasterXML jackson-databind

2.13.4
Affected by 2 other vulnerabilities.

VCID-t7e4-g3fr-aaan
Aliases:
CVE-2022-42003
GHSA-jjjh-jjxp-wpff

Deserialization of Untrusted Data in FasterXML jackson-databind

2.13.4.1
Affected by 2 other vulnerabilities.

2.13.4.2
Affected by 2 other vulnerabilities.

2.14.0-rc1
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-20T16:34:18.069267+00:00	GitLab Importer	Affected by	VCID-213j-gkjs-aaab	None	36.1.3
2025-06-20T16:34:00.185903+00:00	GitLab Importer	Affected by	VCID-213j-gkjs-aaab	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2023-35116.yml	36.1.3
2025-06-03T23:13:13.570896+00:00	GitLab Importer	Affected by	VCID-213j-gkjs-aaab	None	36.1.0
2025-06-03T23:12:54.530097+00:00	GitLab Importer	Affected by	VCID-213j-gkjs-aaab	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2023-35116.yml	36.1.0
2025-06-02T23:10:13.070408+00:00	GitLab Importer	Affected by	VCID-213j-gkjs-aaab	None	36.1.2
2025-06-02T23:09:54.170192+00:00	GitLab Importer	Affected by	VCID-213j-gkjs-aaab	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2023-35116.yml	36.1.2
2025-04-03T21:18:18.151429+00:00	GitLab Importer	Affected by	VCID-213j-gkjs-aaab	None	36.0.0
2025-04-03T21:18:00.787333+00:00	GitLab Importer	Affected by	VCID-213j-gkjs-aaab	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2023-35116.yml	36.0.0
2025-02-18T01:01:58.822289+00:00	GitLab Importer	Affected by	VCID-213j-gkjs-aaab	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2023-35116.yml	35.1.0
2025-02-18T01:01:57.740203+00:00	GitLab Importer	Affected by	VCID-213j-gkjs-aaab	None	35.1.0
2024-04-24T02:39:18.757048+00:00	GitLab Importer	Affected by	VCID-213j-gkjs-aaab	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2023-35116.yml	34.0.0rc4
2024-04-24T02:39:17.721454+00:00	GitLab Importer	Affected by	VCID-213j-gkjs-aaab	None	34.0.0rc4
2024-04-23T23:44:54.606720+00:00	GHSA Importer	Affected by	VCID-gqhw-ngh8-aaap	None	34.0.0rc4
2024-04-23T23:44:41.107091+00:00	GHSA Importer	Affected by	VCID-t7e4-g3fr-aaan	None	34.0.0rc4
2024-01-10T05:14:37.487476+00:00	GitLab Importer	Affected by	VCID-213j-gkjs-aaab	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2023-35116.yml	34.0.0rc2
2024-01-10T05:14:36.456809+00:00	GitLab Importer	Affected by	VCID-213j-gkjs-aaab	None	34.0.0rc2
2024-01-10T01:47:13.586817+00:00	GHSA Importer	Affected by	VCID-gqhw-ngh8-aaap	None	34.0.0rc2
2024-01-10T01:47:02.348854+00:00	GHSA Importer	Affected by	VCID-t7e4-g3fr-aaan	None	34.0.0rc2
2024-01-03T22:02:27.736608+00:00	GitLab Importer	Affected by	VCID-213j-gkjs-aaab	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.core/jackson-databind/CVE-2023-35116.yml	34.0.0rc1
2024-01-03T22:02:26.732829+00:00	GitLab Importer	Affected by	VCID-213j-gkjs-aaab	None	34.0.0rc1

2025-06-20T16:34:18.069267+00:00

GitLab Importer

Affected by

Next non-vulnerable version	2.16.0
Latest non-vulnerable version	2.16.0
Risk	4.0