VDB
RHSA-2022%3A0296
RHSA-2022%3A0296
PUBLISHED
CVSS 7.5 HIGH
This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 0 and before 2.11.4, from 2.12.0-rc1 and before 2.12.1. Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | RHPAM 7.12.0 |
Timeline
- Jun 28, 2021 PoC Published
- Dec 10, 2021 PoC Published
- Dec 11, 2021 PoC Published
- Dec 13, 2021 PoC Published
- Jan 26, 2022 CVE Published
- Jun 7, 2022 PoC Published
- Sep 16, 2022 PoC Published
- Nov 21, 2023 PoC Published
- Dec 8, 2023 PoC Published
- Dec 11, 2023 PoC Published
- Mar 1, 2024 PoC Published
- Apr 5, 2024 PoC Published
References
- https://access.redhat.com/errata/RHSA-2022:0296 advisory
- https://access.redhat.com/security/updates/classification/#critical advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1923405 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1930423 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1966735 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1997763 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1997765 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1997769 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1997772 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1997775 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1997777 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1997779 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1997781 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1997784 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1997786 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1997791 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1997793 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1997795 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1997801 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2030932 issue
…and 78 more