Package impact

Maven / com.fasterxml.jackson.core:jackson-databind

critical high medium low unknown

0

KEV Has exploit

CVE	Severity	CVSS	Risk	Published	Description	Impact
CVE-2020-9546	critical	9.8	9.8	6y ago	jackson-databind mishandles the interaction between serialization gadgets and typing
CVE-2020-36518	medium	—	5.5	3y ago	Deeply nested json in jackson-databind
CVE-2020-9547	medium	—	5.5	6y ago	jackson-databind mishandles the interaction between serialization gadgets and typing
CVE-2020-10673	medium	—	5.5	6y ago	jackson-databind mishandles the interaction between serialization gadgets and typing
CVE-2020-9548	medium	—	5.5	6y ago	jackson-databind mishandles the interaction between serialization gadgets and typing
CVE-2020-10672	medium	—	5.5	6y ago	jackson-databind mishandles the interaction between serialization gadgets and typing
CVE-2020-8840	medium	—	5.5	6y ago	Deserialization of Untrusted Data in jackson-databind
CVE-2019-20330	medium	—	5.5	6y ago	Deserialization of Untrusted Data in jackson-databind
CVE-2019-17531	medium	—	5.5	7y ago	jackson-databind polymorphic typing issue
CVE-2019-16943	medium	—	5.5	7y ago	jackson-databind polymorphic typing issue
CVE-2019-16942	medium	—	5.5	7y ago	Polymorphic Typing in FasterXML jackson-databind
CVE-2019-16335	medium	—	5.5	7y ago	Polymorphic Typing issue in FasterXML jackson-databind
CVE-2019-14540	medium	—	5.5	7y ago	Polymorphic Typing issue in FasterXML jackson-databind
CVE-2021-46877	unknown	—	—	3y ago	jackson-databind possible Denial of Service if using JDK serialization to serialize JsonNode
CVE-2020-10650	unknown	—	—	4y ago	jackson-databind vulnerable to unsafe deserialization
CVE-2020-36189	unknown	—	—	5y ago	Unsafe Deserialization in jackson-databind
CVE-2020-36187	unknown	—	—	5y ago	Unsafe Deserialization in jackson-databind
CVE-2020-36188	unknown	—	—	5y ago	Unsafe Deserialization in jackson-databind
CVE-2020-36184	unknown	—	—	5y ago	Unsafe Deserialization in jackson-databind
CVE-2020-36180	unknown	—	—	5y ago	Unsafe Deserialization in jackson-databind
CVE-2020-36181	unknown	—	—	5y ago	Unsafe Deserialization in jackson-databind
CVE-2020-36185	unknown	—	—	5y ago	Unsafe Deserialization in jackson-databind
CVE-2020-36179	unknown	—	—	5y ago	Unsafe Deserialization in jackson-databind
CVE-2020-36182	unknown	—	—	5y ago	Unsafe Deserialization in jackson-databind
CVE-2020-24750	unknown	—	—	5y ago	Unsafe Deserialization in jackson-databind
CVE-2020-35491	unknown	—	—	5y ago	Serialization gadgets exploit in jackson-databind
CVE-2020-35490	unknown	—	—	5y ago	Serialization gadgets exploit in jackson-databind
CVE-2020-24616	unknown	—	—	5y ago	Code Injection in jackson-databind
CVE-2020-36186	unknown	—	—	5y ago	Unsafe Deserialization in jackson-databind
CVE-2020-25649	unknown	—	—	5y ago	XML External Entity (XXE) Injection in Jackson Databind
CVE-2021-20190	unknown	—	—	5y ago	Deserialization of untrusted data in jackson-databind
CVE-2018-5968	unknown	—	—	6y ago	Deserialization of Untrusted Data in jackson-databind
CVE-2020-14061	unknown	—	—	6y ago	Deserialization of untrusted data in Jackson Databind
CVE-2020-14195	unknown	—	—	6y ago	Deserialization of untrusted data in Jackson Databind
CVE-2018-12023	unknown	—	—	6y ago	Deserialization of Untrusted Data
CVE-2019-17267	unknown	—	—	6y ago	Improper Input Validation in jackson-databind
CVE-2019-14893	unknown	—	—	6y ago	Polymorphic deserialization of malicious object in jackson-databind
CVE-2019-14892	unknown	—	—	6y ago	Polymorphic deserialization of malicious object in jackson-databind
CVE-2020-10968	unknown	—	—	6y ago	jackson-databind mishandles the interaction between serialization gadgets and typing
CVE-2020-11111	unknown	—	—	6y ago	jackson-databind mishandles the interaction between serialization gadgets and typing
CVE-2020-10969	unknown	—	—	6y ago	jackson-databind mishandles the interaction between serialization gadgets and typing
CVE-2020-11620	unknown	—	—	6y ago	jackson-databind mishandles the interaction between serialization gadgets and typing
CVE-2019-14439	unknown	—	—	7y ago	Deserialization of untrusted data in FasterXML jackson-databind
CVE-2019-14379	unknown	—	—	7y ago	Deserialization of untrusted data in FasterXML jackson-databind
CVE-2019-12814	unknown	—	—	7y ago	Deserialization of untrusted data in FasterXML jackson-databind
CVE-2018-11307	unknown	—	—	7y ago	Deserialization of Untrusted Data in jackson-databind
CVE-2019-12086	unknown	—	—	7y ago	Information exposure in FasterXML jackson-databind
CVE-2018-12022	unknown	—	—	7y ago	jackson-databind Deserialization of Untrusted Data vulnerability
CVE-2018-14719	unknown	—	—	8y ago	Arbitrary Code Execution in jackson-databind
CVE-2018-14720	unknown	—	—	8y ago	XML External Entity Reference (XXE) in jackson-databind
CVE-2018-14721	unknown	—	—	8y ago	Server-Side Request Forgery (SSRF) in jackson-databind
CVE-2018-19362	unknown	—	—	8y ago	com.fasterxml.jackson.core:jackson-databind vulnerable to Deserialization of Untrusted Data
CVE-2018-19361	unknown	—	—	8y ago	Deserialization of Untrusted Data in jackson-databind
CVE-2018-19360	unknown	—	—	8y ago	Deserialization of Untrusted Data in jackson-databind due to polymorphic deserialization
CVE-2018-14718	unknown	—	—	8y ago	Arbitrary Code Execution in jackson-databind
CVE-2017-17485	unknown	—	—	8y ago	jackson-databind vulnerable to remote code execution due to incorrect deserialization and blocklist bypass
CVE-2017-15095	unknown	—	—	8y ago	jackson-databind vulnerable to deserialization flaw leading to unauthenticated remote code execution
CVE-2018-7489	unknown	—	—	8y ago	FasterXML jackson-databind allows unauthenticated remote code execution
CVE-2017-7525	unknown	—	—	8y ago	jackson-databind is vulnerable to a deserialization flaw