Apiman Manager API affected by Jackson denial of service vulnerability
Impact Due to a vulnerability in jackson-databind <= 2.12.6.0, an authenticated attacker could craft an Apiman policy configuration which, when saved, may cause a denial of service on the Apiman Manager API. This does not affect the Apiman Gateway. Patches Upgrade to Apiman 3.0.0.Final or later. If you are using an older version of Apiman and need to remain on that version, contact your Apiman support provider for advice/long-term support. …