In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check-in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.
Products Confirmed Not Affected
No Brocade Fibre Channel Products from Broadcom products are known to be affected by this vulnerability.