VIR Vulnerability Intelligence Relay

Package impact

java Maven / com.fasterxml.jackson.core:jackson-databind

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2020-9546 critical 9.8 9.8 6y ago Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update debianrockylinuxjava
CVE-2020-11113 high 8.8 8.8 6y ago FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). debianjava
CVE-2020-11112 high 8.8 8.8 6y ago FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commo… debianjava
CVE-2020-36183 high 8.1 8.1 6y ago Unsafe Deserialization in jackson-databind debianjava
CVE-2020-35728 high 8.1 8.1 6y ago FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka e… susedebianjava
CVE-2020-14060 high 8.1 8.1 6y ago Deserialization of untrusted data in Jackson Databind debianjava
CVE-2020-14062 high 8.1 8.1 6y ago Deserialization of untrusted data in Jackson Databind debianjava
CVE-2020-11619 high 8.1 8.1 6y ago jackson-databind mishandles the interaction between serialization gadgets and typing debianjava
CVE-2022-42004 high 8.0 4y ago Uncontrolled Resource Consumption in FasterXML jackson-databind rockylinuxsusedebianjava
CVE-2022-42003 high 8.0 4y ago In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, … rockylinuxsusedebianjava
CVE-2019-12384 high 8.0 7y ago Important: pki-deps:10.6 security update debianrockylinuxjava
CVE-2020-36518 medium 5.5 3y ago Moderate: jackson security update redhatsusedebianjava
CVE-2020-9547 medium 5.5 6y ago Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update debianrockylinuxjava
CVE-2020-10673 medium 5.5 6y ago Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update debianrockylinuxjava
CVE-2020-9548 medium 5.5 6y ago Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update debianrockylinuxjava
CVE-2020-10672 medium 5.5 6y ago Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update debianrockylinuxjava
CVE-2020-8840 medium 5.5 6y ago Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update debianrockylinuxjava
CVE-2019-20330 medium 5.5 6y ago Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update susedebianrockylinuxjava
CVE-2019-17531 medium 5.5 7y ago Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update debianrockylinuxjava
CVE-2019-16943 medium 5.5 7y ago Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update susedebianrockylinuxjava
CVE-2019-16942 medium 5.5 7y ago Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update debianrockylinuxjava
CVE-2019-16335 medium 5.5 7y ago Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update debianrockylinuxjava
CVE-2019-14540 medium 5.5 7y ago Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update susedebianrockylinuxjava
CVE-2020-25649 unknown 5y ago XML External Entity (XXE) Injection in Jackson Databind susedebianjava