CVE-2020-28491

Summary

This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 0 and before 2.11.4, from 2.12.0-rc1 and before 2.12.1. Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception.

Affected Software

VendorProductVersion RangeStatus
n/acom.fasterxml.jackson.dataformat:jackson-dataformat-cbor0 < unspecifiedaffected
n/acom.fasterxml.jackson.dataformat:jackson-dataformat-cborunspecified < 2.11.4affected
n/acom.fasterxml.jackson.dataformat:jackson-dataformat-cbor2.12.0-rc1 < unspecifiedaffected
n/acom.fasterxml.jackson.dataformat:jackson-dataformat-cborunspecified < 2.12.1affected

Weaknesses

  • Denial of Service (DoS)

ADP Enrichment

CVE Program Container

Additional References

References