INFSA-2024:3061: pki-core:10.6 and pki-deps:10.6 security update
Information about definition
Identificator: INFSA-2024:3061
Type: security
Release date: 2024-10-10 05:57:41 UTC
Information about package
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Vulnerabilities description
- CVE-2020-36518
jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2020-36518
|
no information | 7.5 | no information |
Updated packages