CVE-2023-35116: An issue was discovered jackson-databind thru 2.15.2 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies. It appears this person (semi-?) automatedly reported many of these issues at once in various things. jackson-databind is not sure it's a real security bug, so I'll call it invalid.