A Java StackOverflow exception and denial of service via a large depth of nested objects. Reference: https://github.com/FasterXML/jackson-databind/issues/2816
Created jackson-databind tracking bugs for this issue: Affects: fedora-all [bug 2064699]
Security advisory: https://github.com/advisories/GHSA-57j2-w4cx-62h2 Upstream commit: https://github.com/FasterXML/jackson-databind/commit/fcfc4998ec23f0b1f7f8a9521c2b317b6c25892b
This issue has been addressed in the following products: Red Hat Data Grid 8.3.1 Via RHSA-2022:2232 https://access.redhat.com/errata/RHSA-2022:2232
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform Via RHSA-2022:4922 https://access.redhat.com/errata/RHSA-2022:4922
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7 Via RHSA-2022:4918 https://access.redhat.com/errata/RHSA-2022:4918
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8 Via RHSA-2022:4919 https://access.redhat.com/errata/RHSA-2022:4919
This issue has been addressed in the following products: Red Hat AMQ 7.10.0 Via RHSA-2022:5101 https://access.redhat.com/errata/RHSA-2022:5101
This issue has been addressed in the following products: Red Hat build of Eclipse Vert.x 4.2.7 Via RHSA-2022:5029 https://access.redhat.com/errata/RHSA-2022:5029
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-36518
This issue has been addressed in the following products: Red Hat Fuse 7.11 Via RHSA-2022:5532 https://access.redhat.com/errata/RHSA-2022:5532
This issue has been addressed in the following products: Red Hat build of Quarkus 2.7.6 Via RHSA-2022:5596 https://access.redhat.com/errata/RHSA-2022:5596
This issue has been addressed in the following products: RHAF Camel-K 1.8 Via RHSA-2022:6407 https://access.redhat.com/errata/RHSA-2022:6407
This issue has been addressed in the following products: Red Hat Single Sign-On 7.5 for RHEL 7 Via RHSA-2022:6782 https://access.redhat.com/errata/RHSA-2022:6782
This issue has been addressed in the following products: Red Hat Single Sign-On 7.5 for RHEL 8 Via RHSA-2022:6783 https://access.redhat.com/errata/RHSA-2022:6783
This issue has been addressed in the following products: Red Hat Single Sign-On Via RHSA-2022:6787 https://access.redhat.com/errata/RHSA-2022:6787
This issue has been addressed in the following products: RHPAM 7.13.1 async Via RHSA-2022:6813 https://access.redhat.com/errata/RHSA-2022:6813
This issue has been addressed in the following products: Red Hat AMQ Streams 2.2.0 Via RHSA-2022:6819 https://access.redhat.com/errata/RHSA-2022:6819
This issue has been addressed in the following products: Red Hat Single Sign-On 7.6 for RHEL 8 Via RHSA-2022:7410 https://access.redhat.com/errata/RHSA-2022:7410
This issue has been addressed in the following products: Red Hat Single Sign-On 7.6 for RHEL 7 Via RHSA-2022:7409 https://access.redhat.com/errata/RHSA-2022:7409
This issue has been addressed in the following products: Red Hat Single Sign-On 7.6 for RHEL 9 Via RHSA-2022:7411 https://access.redhat.com/errata/RHSA-2022:7411
This issue has been addressed in the following products: Red Hat Single Sign-On 7.6.1 Via RHSA-2022:7417 https://access.redhat.com/errata/RHSA-2022:7417
This issue has been addressed in the following products: Logging subsystem for Red Hat OpenShift 5.4 Via RHSA-2022:7435 https://access.redhat.com/errata/RHSA-2022:7435
This issue has been addressed in the following products: RHOL-5.5-RHEL-8 Via RHSA-2022:8781 https://access.redhat.com/errata/RHSA-2022:8781
This issue has been addressed in the following products: OpenShift Logging 5.3 Via RHSA-2022:8889 https://access.redhat.com/errata/RHSA-2022:8889
This issue has been addressed in the following products: RHOL-5.6-RHEL-8 Via RHSA-2023:0264 https://access.redhat.com/errata/RHSA-2023:0264
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:2312 https://access.redhat.com/errata/RHSA-2023:2312
This issue has been addressed in the following products: Red Hat AMQ Streams 2.4.0 Via RHSA-2023:3223 https://access.redhat.com/errata/RHSA-2023:3223
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:3061 https://access.redhat.com/errata/RHSA-2024:3061