OVAL Reference oval:org.opensuse.security:def:202242003

Oval Definition:

oval:org.opensuse.security:def:202242003

Revision Date:	2023-06-22	Version:	1
Title:	CVE-2022-42003
Description:	In FasterXML jackson-databind before 2.14.0-rc1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. Additional fix version in 2.13.4.1 and 2.12.17.1
Family:	unix	Class:	vulnerability
Status:		Reference(s):	Mitre CVE-2022-42003 SUSE CVE-2022-42003 SUSE-SU-2022:3995-1
Platform(s):	SUSE Linux Enterprise Desktop 15 SP5 SUSE Linux Enterprise High Performance Computing 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Server 15 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SP5	Product(s):
Definition Synopsis
Release Information SUSE Linux Enterprise Desktop 15 SP5 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP5 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP5 is installed OR SUSE Linux Enterprise Server 15 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed AND jackson-databind-2.13.4.2-150200.3.12.1 is installed