[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-42004":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":24,"aliases":42,"duplicate_of":9,"upstream":44,"downstream":45,"duplicates":80,"related":81,"reserved_at":9,"published_at":94,"modified_at":95,"state":96,"summary":97,"references_raw":105,"kevs":168,"epss":169,"epss_history":172,"metrics":440,"affected":451},"CVE-2022-42004","In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-502","Deserialization of Untrusted Data","The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.","weakness","Draft","Base","Medium",[20],{"id":21,"name":22,"techniques":23},"CAPEC-586","Object Injection",[],[25,34],{"_key":26,"name":27,"source":28,"url":29,"maturity":30,"reliability_score":31,"verified":32,"type":9,"platforms":33,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_FASTERXML_JACKSON-DATABIND","Jackson Databind","github","https://github.com/FasterXML/jackson-databind/issues/3328","poc",0.3,false,[],{"_key":35,"name":36,"source":37,"url":38,"maturity":39,"reliability_score":40,"verified":32,"type":9,"platforms":41,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_286098FB327C08A9","Exploit Reference (bugs.chromium.org)","reference","https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50490","unknown",0.2,[],[43],"GHSA-rgv9-q543-rqg4",[],[46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78],{"_key":47},"SUSE-SU-2022:3995-1",{"_key":49},"DLA-3207-1",{"_key":51},"DSA-5283-1",{"_key":53},"MGASA-2024-0069",{"_key":55},"DEBIAN-CVE-2022-42004",{"_key":57},"RHSA-2023:1064",{"_key":59},"RHSA-2023:2097",{"_key":61},"RHSA-2023:3663",{"_key":63},"UBUNTU-CVE-2022-42004",{"_key":65},"RHSA-2025:1746",{"_key":67},"RHSA-2023:0552",{"_key":69},"RHSA-2023:0553",{"_key":71},"RHSA-2023:0554",{"_key":73},"RHSA-2023:1043",{"_key":75},"RHSA-2023:1044",{"_key":77},"RHSA-2023:1045",{"_key":79},"RHSA-2025:1747",[],[82,83,84,86,88,90,92],{"_key":47},{"_key":53},{"_key":85},"CGA-3895-M462-85V8",{"_key":87},"CGA-53RJ-39M2-53XG",{"_key":89},"CGA-C8Q6-4QP3-VQHH",{"_key":91},"CGA-CW73-CCXX-93PC",{"_key":93},"CGA-G8R9-2X26-QC63","2022-10-02T00:00:00.000Z","2024-08-03T12:56:39.182Z","Modified",{"cisa_kev":32,"cisa_ransomware":32,"cisa_vendor":9,"epss_severity":98,"epss_score":99,"severity":100,"severity_score":101,"severity_version":102,"severity_source":103,"severity_vector":104,"severity_status":96},"low",0.0025,"high",7.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[106,116,121,125,130,134,138,142,147,151,155,160,164],{"url":107,"sources":108,"tags":111},"https://github.com/FasterXML/jackson-databind/issues/3582",[109,103,110],"cve.org","osv_maven",[112,113,114,115],"Exploit","Issue Tracking","Third Party Advisory","WEB",{"url":117,"sources":118,"tags":119},"https://github.com/FasterXML/jackson-databind/commit/063183589218fec19a9293ed2f17ec53ea80ba88",[109,103,110],[120,114,115],"Patch",{"url":38,"sources":122,"tags":123},[109,103,110],[112,113,124,120,114,115],"Mailing List",{"url":126,"sources":127,"tags":128},"https://security.gentoo.org/glsa/202210-21",[109,103,110],[129,114,115],"Vendor Advisory",{"url":131,"sources":132,"tags":133},"https://www.debian.org/security/2022/dsa-5283",[109,103,110],[129,114,115],{"url":135,"sources":136,"tags":137},"https://security.netapp.com/advisory/ntap-20221118-0008/",[109,103],[114],{"url":139,"sources":140,"tags":141},"https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html",[109,103,110],[124,114,115],{"url":143,"sources":144,"tags":145},"https://nvd.nist.gov/vuln/detail/CVE-2022-42004",[110],[146],"Advisory",{"url":148,"sources":149,"tags":150},"https://github.com/FasterXML/jackson-databind/commit/35de19e7144c4df8ab178b800ba86e80c3d84252",[110],[115],{"url":152,"sources":153,"tags":154},"https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea",[110],[115],{"url":156,"sources":157,"tags":158},"https://github.com/FasterXML/jackson-databind",[110],[159],"PACKAGE",{"url":161,"sources":162,"tags":163},"https://security.netapp.com/advisory/ntap-20221118-0008",[110],[115],{"url":165,"sources":166,"tags":167},"https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1",[110],[115],[],{"date":170,"score":99,"percentile":171},"2026-06-04",0.48467,[173,177,180,183,186,188,191,194,197,200,203,205,208,211,214,218,221,224,227,229,232,235,238,240,243,246,249,252,256,259,262,265,268,270,273,276,279,282,285,289,292,295,298,301,304,307,311,314,317,320,323,326,329,332,336,339,342,345,348,352,355,358,361,364,367,370,373,375,378,381,384,387,390,393,396,398,401,404,407,409,412,414,417,420,423,426,429,432,435,437],{"date":174,"score":175,"percentile":176},"2025-11-04",0.00303,0.53141,{"date":178,"score":175,"percentile":179},"2025-11-05",0.53113,{"date":181,"score":175,"percentile":182},"2025-11-06",0.53129,{"date":184,"score":175,"percentile":185},"2025-11-07",0.53153,{"date":187,"score":175,"percentile":185},"2025-11-08",{"date":189,"score":175,"percentile":190},"2025-11-09",0.53151,{"date":192,"score":175,"percentile":193},"2025-11-10",0.53126,{"date":195,"score":175,"percentile":196},"2025-11-11",0.53139,{"date":198,"score":175,"percentile":199},"2025-11-12",0.53166,{"date":201,"score":175,"percentile":202},"2025-11-13",0.53173,{"date":204,"score":175,"percentile":202},"2025-11-14",{"date":206,"score":175,"percentile":207},"2025-11-15",0.5317,{"date":209,"score":175,"percentile":210},"2025-11-16",0.53152,{"date":212,"score":175,"percentile":213},"2025-11-17",0.53134,{"date":215,"score":216,"percentile":217},"2025-11-18",0.01645,0.80449,{"date":219,"score":216,"percentile":220},"2025-11-19",0.80451,{"date":222,"score":216,"percentile":223},"2025-11-20",0.80457,{"date":225,"score":175,"percentile":226},"2025-11-21",0.5315,{"date":228,"score":175,"percentile":190},"2025-11-22",{"date":230,"score":175,"percentile":231},"2025-11-23",0.53109,{"date":233,"score":175,"percentile":234},"2025-11-24",0.531,{"date":236,"score":175,"percentile":237},"2025-11-25",0.53107,{"date":239,"score":175,"percentile":231},"2025-11-26",{"date":241,"score":175,"percentile":242},"2025-11-27",0.53114,{"date":244,"score":175,"percentile":245},"2025-11-28",0.53088,{"date":247,"score":175,"percentile":248},"2025-11-29",0.53067,{"date":250,"score":175,"percentile":251},"2025-11-30",0.53061,{"date":253,"score":254,"percentile":255},"2025-12-01",0.00251,0.48325,{"date":257,"score":254,"percentile":258},"2025-12-02",0.48341,{"date":260,"score":254,"percentile":261},"2025-12-03",0.48336,{"date":263,"score":175,"percentile":264},"2025-12-04",0.53075,{"date":266,"score":175,"percentile":267},"2025-12-05",0.53095,{"date":269,"score":175,"percentile":267},"2025-12-06",{"date":271,"score":175,"percentile":272},"2025-12-07",0.53084,{"date":274,"score":175,"percentile":275},"2025-12-08",0.53082,{"date":277,"score":175,"percentile":278},"2025-12-09",0.53098,{"date":280,"score":175,"percentile":281},"2025-12-10",0.53157,{"date":283,"score":175,"percentile":284},"2025-12-11",0.53177,{"date":286,"score":287,"percentile":288},"2025-12-12",0.00259,0.49072,{"date":290,"score":287,"percentile":291},"2025-12-13",0.49056,{"date":293,"score":287,"percentile":294},"2025-12-14",0.49045,{"date":296,"score":287,"percentile":297},"2025-12-15",0.49028,{"date":299,"score":287,"percentile":300},"2025-12-16",0.49037,{"date":302,"score":287,"percentile":303},"2025-12-17",0.4906,{"date":305,"score":287,"percentile":306},"2025-12-18",0.49103,{"date":308,"score":309,"percentile":310},"2025-12-19",0.00282,0.51333,{"date":312,"score":309,"percentile":313},"2025-12-20",0.51297,{"date":315,"score":309,"percentile":316},"2025-12-21",0.51272,{"date":318,"score":309,"percentile":319},"2025-12-22",0.51253,{"date":321,"score":309,"percentile":322},"2025-12-23",0.51255,{"date":324,"score":309,"percentile":325},"2025-12-24",0.51268,{"date":327,"score":309,"percentile":328},"2025-12-25",0.51315,{"date":330,"score":309,"percentile":331},"2025-12-26",0.51306,{"date":333,"score":334,"percentile":335},"2025-12-27",0.00237,0.46819,{"date":337,"score":309,"percentile":338},"2025-12-28",0.51254,{"date":340,"score":309,"percentile":341},"2025-12-29",0.51233,{"date":343,"score":309,"percentile":344},"2025-12-30",0.51229,{"date":346,"score":309,"percentile":347},"2025-12-31",0.51267,{"date":349,"score":350,"percentile":351},"2026-01-01",0.00273,0.50637,{"date":353,"score":350,"percentile":354},"2026-01-02",0.50617,{"date":356,"score":350,"percentile":357},"2026-01-03",0.5061,{"date":359,"score":309,"percentile":360},"2026-01-04",0.51236,{"date":362,"score":309,"percentile":363},"2026-01-05",0.51217,{"date":365,"score":287,"percentile":366},"2026-01-06",0.49006,{"date":368,"score":287,"percentile":369},"2026-01-07",0.49023,{"date":371,"score":287,"percentile":372},"2026-01-08",0.49046,{"date":374,"score":287,"percentile":369},"2026-01-09",{"date":376,"score":287,"percentile":377},"2026-01-10",0.49018,{"date":379,"score":287,"percentile":380},"2026-01-11",0.48999,{"date":382,"score":287,"percentile":383},"2026-01-12",0.48956,{"date":385,"score":287,"percentile":386},"2026-01-13",0.48933,{"date":388,"score":287,"percentile":389},"2026-01-14",0.4898,{"date":391,"score":287,"percentile":392},"2026-01-15",0.48981,{"date":394,"score":287,"percentile":395},"2026-01-16",0.49003,{"date":397,"score":287,"percentile":389},"2026-01-17",{"date":399,"score":287,"percentile":400},"2026-01-18",0.48952,{"date":402,"score":287,"percentile":403},"2026-01-19",0.48929,{"date":405,"score":287,"percentile":406},"2026-01-20",0.48931,{"date":408,"score":287,"percentile":403},"2026-01-21",{"date":410,"score":287,"percentile":411},"2026-01-22",0.48935,{"date":413,"score":287,"percentile":392},"2026-01-23",{"date":415,"score":287,"percentile":416},"2026-01-24",0.48985,{"date":418,"score":287,"percentile":419},"2026-01-25",0.48934,{"date":421,"score":287,"percentile":422},"2026-01-26",0.48904,{"date":424,"score":287,"percentile":425},"2026-01-27",0.4891,{"date":427,"score":287,"percentile":428},"2026-01-28",0.48922,{"date":430,"score":287,"percentile":431},"2026-01-29",0.48915,{"date":433,"score":287,"percentile":434},"2026-01-30",0.48923,{"date":436,"score":287,"percentile":403},"2026-01-31",{"date":438,"score":254,"percentile":439},"2026-02-01",0.48261,[441,446],{"source":103,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":442,"cvss_v4_0":9},{"baseScore":101,"baseSeverity":443,"vectorString":104,"impactScore":444,"exploitabilityScore":445},"HIGH",6,10,{"source":110,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":447,"cvss_v4_0":448},{"baseScore":101,"baseSeverity":9,"vectorString":104,"impactScore":444,"exploitabilityScore":445},{"baseScore":449,"baseSeverity":9,"vectorString":450,"impactScore":9,"exploitabilityScore":9},8.2,"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",[452,463,478,492,499],{"ecosystem":9,"name":453,"vendor":454,"product":455,"cpe_part":456,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":457},"debian linux","debian","debian_linux","o",[458,461],{"version":459,"is_range":32,"range_type":460,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0","cpe",{"version":462,"is_range":32,"range_type":460,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0",{"ecosystem":9,"name":464,"vendor":465,"product":464,"cpe_part":466,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":467},"jackson-databind","fasterxml","a",[468,473],{"version":469,"is_range":470,"range_type":460,"version_start":9,"version_start_type":9,"version_end":471,"version_end_type":472,"fixed_in":9},"lt2.12.7.1",true,"2.12.7.1","excluding",{"version":474,"is_range":470,"range_type":460,"version_start":475,"version_start_type":476,"version_end":477,"version_end_type":472,"fixed_in":9},"gte2.13.0_lt2.13.4","2.13.0","including","2.13.4",{"ecosystem":479,"name":480,"vendor":481,"product":464,"cpe_part":9,"purl_type":482,"purl_namespace":481,"purl_name":464,"source":9,"versions":483},"Maven","com.fasterxml.jackson.core:jackson-databind","com.fasterxml.jackson.core","maven",[484,487,490],{"version":485,"is_range":470,"range_type":486,"version_start":9,"version_start_type":9,"version_end":471,"version_end_type":472,"fixed_in":9},"lt2_12_7_1","ecosystem",{"version":488,"is_range":470,"range_type":486,"version_start":489,"version_start_type":476,"version_end":471,"version_end_type":472,"fixed_in":9},"gte2_4_0_rc1_lt2_12_7_1","2.4.0-rc1",{"version":491,"is_range":470,"range_type":486,"version_start":475,"version_start_type":476,"version_end":477,"version_end_type":472,"fixed_in":9},"gte2_13_0_lt2_13_4",{"ecosystem":9,"name":493,"vendor":494,"product":495,"cpe_part":466,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":496},"oncommand workflow automation","netapp","oncommand_workflow_automation",[497],{"version":498,"is_range":32,"range_type":460,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"na",{"ecosystem":9,"name":500,"vendor":500,"product":500,"cpe_part":466,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":501},"quarkus",[502],{"version":503,"is_range":470,"range_type":460,"version_start":9,"version_start_type":9,"version_end":475,"version_end_type":472,"fixed_in":9},"lt2.13.0"]