CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 0 and before 2.11.4, from 2.12.0-rc1 and before 2.12.1. Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception.

*   **Attack Complexity**
    
    Low
    
*   **Availability**
    
    High
    

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

*   **snyk-id**
    
    SNYK-JAVA-COMFASTERXMLJACKSONDATAFORMAT-1047329
    
*   **published**
    
    26 Jan 2021
    
*   **disclosed**
    
    26 Jan 2021
    
*   **credit**
    
    cowtowncoder
    

**How to fix?**

**Overview**

**Details**

**References**

Headline

CVE-2020-28491: Denial of Service (DoS) in com.fasterxml.jackson.dataformat:jackson-dataformat-cbor | CVE-2020-28491 | Snyk

CVE: Latest News