CVE-2020-36518

jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt