Public CVE-2022-21819 disclosure

jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.