jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that this is not a valid vulnerability report, because the steps of constructing a cyclic data structure and trying to serialize it cannot be achieved by an external attacker.
jenkins-2-plugins Red Hat / RHEL
mta/mta Red Hat / RHEL
Fixed in: rhel8-operator@sha256:e1e6f80467054b95379c1b482800a656917e1cfd35d8fac2d4f6ff4091088a67_amd64 RHSA-2024:1027 Fixed in: hub-rhel9@sha256:b232b42b2de4be2d7c67ef2418070b155b79a275e2cbba343a04c22c1e016662_amd64 RHSA-2024:1027 Fixed in: operator-bundle@sha256:d142049160f51b71f1c9d970e23824952ca35e7c2e23d6c8753a33e727b87b81_amd64 RHSA-2024:1027 Fixed in: pathfinder-rhel9@sha256:781aef6a3a23c765a31e38a36ebc4c40957249888532f46a77d320f416816508_amd64 RHSA-2024:1027 Fixed in: ui-rhel9@sha256:2e10de6bd9bb24a03579f555b71e6ff57f2c9d74cf3b79ec42e9dba4cab628a1_amd64 RHSA-2024:1027 mta/mta Rocky
Fixed in: pathfinder-rhel9@sha256:781aef6a3a23c765a31e38a36ebc4c40957249888532f46a77d320f416816508_amd64 RHSA-2024:1027 Fixed in: ui-rhel9@sha256:2e10de6bd9bb24a03579f555b71e6ff57f2c9d74cf3b79ec42e9dba4cab628a1_amd64 RHSA-2024:1027 Fixed in: hub-rhel9@sha256:b232b42b2de4be2d7c67ef2418070b155b79a275e2cbba343a04c22c1e016662_amd64 RHSA-2024:1027 Fixed in: operator-bundle@sha256:d142049160f51b71f1c9d970e23824952ca35e7c2e23d6c8753a33e727b87b81_amd64 RHSA-2024:1027 Fixed in: rhel8-operator@sha256:e1e6f80467054b95379c1b482800a656917e1cfd35d8fac2d4f6ff4091088a67_amd64 RHSA-2024:1027 mta/mta-windup Red Hat / RHEL
Fixed in: addon-rhel9@sha256:73671e9d3c4bf624d1a6745c5002b93b158519abf6b13c7bb0e1491d873316fc_amd64 RHSA-2024:1027 mta/mta-windup Rocky
Fixed in: addon-rhel9@sha256:73671e9d3c4bf624d1a6745c5002b93b158519abf6b13c7bb0e1491d873316fc_amd64 RHSA-2024:1027 mtr/mtr Red Hat / RHEL
Fixed in: operator-bundle@sha256:8723ff82aa53d56530e923340289f549f9cae9d1d66ae6559d07db9535c53c4b_ppc64le RHSA-2024:0719 Fixed in: operator-bundle@sha256:9046593959cf11bc952f5bda39478fd5abc3e7ab5c61a4fdf96d15897aa0d78f_s390x RHSA-2024:0719 Fixed in: rhel8-operator@sha256:61cdc15df15d08b2d133bc4f8fe31bffbee209de1faf9ccc5cf1285c2a6aca1c_s390x RHSA-2024:0719 Fixed in: operator-bundle@sha256:8c91c79d241c860d9dbf64ad02ce319dd4b4787f7f2c8a14d2d685624806ed04_arm64 RHSA-2024:0719 Fixed in: rhel8-operator@sha256:ef4ecb153b4b8b14d63f7d331ffe158b180120e20ce94599e6a7cfa74fa49b6a_arm64 RHSA-2024:0719 Fixed in: operator-bundle@sha256:b786a18de43145dbe1ec6a137bf6dbe72adca095146c7158424eda0ad84abd82_amd64 RHSA-2024:0719 Fixed in: rhel8-operator@sha256:c8b896612d3682641298ddd7502cda0ef6425c53b724aa3bfd4a31352c960087_amd64 RHSA-2024:0719 Fixed in: rhel8-operator@sha256:8e4b3b5bb06df89b119bb93234aec29660ff03481298074c2f011f74d4c185f0_ppc64le RHSA-2024:0719 mtr/mtr Rocky
Fixed in: operator-bundle@sha256:9046593959cf11bc952f5bda39478fd5abc3e7ab5c61a4fdf96d15897aa0d78f_s390x RHSA-2024:0719 Fixed in: rhel8-operator@sha256:61cdc15df15d08b2d133bc4f8fe31bffbee209de1faf9ccc5cf1285c2a6aca1c_s390x RHSA-2024:0719 Fixed in: operator-bundle@sha256:8c91c79d241c860d9dbf64ad02ce319dd4b4787f7f2c8a14d2d685624806ed04_arm64 RHSA-2024:0719 Fixed in: rhel8-operator@sha256:ef4ecb153b4b8b14d63f7d331ffe158b180120e20ce94599e6a7cfa74fa49b6a_arm64 RHSA-2024:0719 Fixed in: operator-bundle@sha256:b786a18de43145dbe1ec6a137bf6dbe72adca095146c7158424eda0ad84abd82_amd64 RHSA-2024:0719 Fixed in: rhel8-operator@sha256:c8b896612d3682641298ddd7502cda0ef6425c53b724aa3bfd4a31352c960087_amd64 RHSA-2024:0719 Fixed in: operator-bundle@sha256:8723ff82aa53d56530e923340289f549f9cae9d1d66ae6559d07db9535c53c4b_ppc64le RHSA-2024:0719 Fixed in: rhel8-operator@sha256:8e4b3b5bb06df89b119bb93234aec29660ff03481298074c2f011f74d4c185f0_ppc64le RHSA-2024:0719 mtr/mtr-web Rocky
Fixed in: container-rhel8@sha256:34e91adfb0c4a0ce3be35cefd7c6c585fa866a150629c06c06555c34933f7cbc_amd64 RHSA-2024:0719 Fixed in: container-rhel8@sha256:a864b9445262878cb0066ae7101c1a1998ce335bb72ce013ac561d19a021eb22_s390x RHSA-2024:0719 Fixed in: container-rhel8@sha256:a314c3e344566e9772b609e5aacffcc78fee8f7d56002f6d9d97d7cba572d6ae_ppc64le RHSA-2024:0719 mtr/mtr-web Red Hat / RHEL
Fixed in: container-rhel8@sha256:34e91adfb0c4a0ce3be35cefd7c6c585fa866a150629c06c06555c34933f7cbc_amd64 RHSA-2024:0719 Fixed in: container-rhel8@sha256:a864b9445262878cb0066ae7101c1a1998ce335bb72ce013ac561d19a021eb22_s390x RHSA-2024:0719 Fixed in: container-rhel8@sha256:a314c3e344566e9772b609e5aacffcc78fee8f7d56002f6d9d97d7cba572d6ae_ppc64le RHSA-2024:0719 mtr/mtr-web-executor Red Hat / RHEL
Fixed in: container-rhel8@sha256:c58c38ea26dfa2d07d73bdc403c7645574ddc9ee17304fcc5d61ff876dcf6097_arm64 RHSA-2024:0719 Fixed in: container-rhel8@sha256:d79c7de19d3b751331fc64d53f1ebe27b71ab3a92dda65fa44ddf0e9e7e24bbd_amd64 RHSA-2024:0719 Fixed in: container-rhel8@sha256:cd600c6d2f9b7c5f1863586c39f66951d37b0e6098f455c3f65cc9a783d05158_ppc64le RHSA-2024:0719 Fixed in: container-rhel8@sha256:91164350574d037eea7f4a456213977fbd34bf78a150e1efa9f58360295e97e4_s390x RHSA-2024:0719 mtr/mtr-web-executor Rocky
Fixed in: container-rhel8@sha256:c58c38ea26dfa2d07d73bdc403c7645574ddc9ee17304fcc5d61ff876dcf6097_arm64 RHSA-2024:0719 Fixed in: container-rhel8@sha256:cd600c6d2f9b7c5f1863586c39f66951d37b0e6098f455c3f65cc9a783d05158_ppc64le RHSA-2024:0719 Fixed in: container-rhel8@sha256:91164350574d037eea7f4a456213977fbd34bf78a150e1efa9f58360295e97e4_s390x RHSA-2024:0719 Fixed in: container-rhel8@sha256:d79c7de19d3b751331fc64d53f1ebe27b71ab3a92dda65fa44ddf0e9e7e24bbd_amd64 RHSA-2024:0719 Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.
Exploitability
Attack Vector Local
Attack Complexity High
Privileges Required Low
User Interaction None
Scope Unchanged
Impact
Confidentiality None
Integrity None
Availability High
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
0.35% probability of exploitation in 30 days
27th percentile
Low risk: more likely to be exploited than 27% of all known CVEs.
Other CWE-770 (Allocation of Resources Without Limits or Throttling) vulnerabilities, ordered by exploit likelihood. View all
Embed a live status badge for CVE-2023-35116 Markdown
[](https://tridentstack.com/cve/CVE-2023-35116)HTML
<a href="https://tridentstack.com/cve/CVE-2023-35116"><img src="https://tridentstack.com/cve/badge/CVE-2023-35116.svg" alt="CVE-2023-35116"></a>Find and fix vulnerabilities across your fleet TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.
Start free This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.