VIR Vulnerability Intelligence Relay

Package impact

java Maven / com.fasterxml.jackson.core:jackson-databind

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2020-9546 critical 9.8 9.8 6y ago jackson-databind mishandles the interaction between serialization gadgets and typing debianrockylinuxjavaoracle
CVE-2020-11113 high 8.8 8.8 6y ago FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). debianjavaoracle
CVE-2020-11112 high 8.8 8.8 6y ago jackson-databind mishandles the interaction between serialization gadgets and typing debianjavaoracle
CVE-2020-36183 high 8.1 8.1 6y ago Unsafe Deserialization in jackson-databind debianjavaoracle
CVE-2020-35728 high 8.1 8.1 6y ago Serialization gadget exploit in jackson-databind susedebianjavaoracle
CVE-2020-14060 high 8.1 8.1 6y ago Deserialization of untrusted data in Jackson Databind debianjavaoracle
CVE-2020-14062 high 8.1 8.1 6y ago Deserialization of untrusted data in Jackson Databind debianjavaoracle
CVE-2020-11619 high 8.1 8.1 6y ago jackson-databind mishandles the interaction between serialization gadgets and typing debianjavaoracle
CVE-2022-42004 high 8.0 4y ago Uncontrolled Resource Consumption in FasterXML jackson-databind rockylinuxsusedebianjava
CVE-2022-42003 high 8.0 4y ago In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, … rockylinuxsusedebianjava
CVE-2019-12384 high 8.0 7y ago Important: pki-deps:10.6 security update debianrockylinuxjava
CVE-2021-46877 unknown 3y ago jackson-databind possible Denial of Service if using JDK serialization to serialize JsonNode susedebianjava
CVE-2020-36180 unknown 5y ago Unsafe Deserialization in jackson-databind debianjava
CVE-2020-36182 unknown 5y ago Unsafe Deserialization in jackson-databind debianjava
CVE-2020-25649 unknown 5y ago XML External Entity (XXE) Injection in Jackson Databind susedebianjava
CVE-2021-20190 unknown 5y ago Deserialization of untrusted data in jackson-databind susedebianjava
CVE-2018-12023 unknown 6y ago Deserialization of Untrusted Data debianjava
CVE-2020-10969 unknown 6y ago jackson-databind mishandles the interaction between serialization gadgets and typing debianjava
CVE-2019-14379 unknown 7y ago Deserialization of untrusted data in FasterXML jackson-databind susedebianjava
CVE-2019-12086 unknown 7y ago Information exposure in FasterXML jackson-databind debianrockylinuxjava
CVE-2018-14719 unknown 8y ago Arbitrary Code Execution in jackson-databind debianjava
CVE-2018-14718 unknown 8y ago Arbitrary Code Execution in jackson-databind debianjava