| CVE-2020-11113 |
high |
8.8 |
8.8 |
6y ago |
jackson-databind mishandles the interaction between serialization gadgets and typing |
|
| CVE-2020-11112 |
high |
8.8 |
8.8 |
6y ago |
jackson-databind mishandles the interaction between serialization gadgets and typing |
|
| CVE-2020-36183 |
high |
8.1 |
8.1 |
6y ago |
Unsafe Deserialization in jackson-databind |
|
| CVE-2020-35728 |
high |
8.1 |
8.1 |
6y ago |
Serialization gadget exploit in jackson-databind |
|
| CVE-2020-14060 |
high |
8.1 |
8.1 |
6y ago |
Deserialization of untrusted data in Jackson Databind |
|
| CVE-2020-14062 |
high |
8.1 |
8.1 |
6y ago |
Deserialization of untrusted data in Jackson Databind |
|
| CVE-2020-11619 |
high |
8.1 |
8.1 |
6y ago |
jackson-databind mishandles the interaction between serialization gadgets and typing |
|
| CVE-2022-42004 |
high |
— |
8.0 |
4y ago |
Uncontrolled Resource Consumption in FasterXML jackson-databind |
|
| CVE-2022-42003 |
high |
— |
8.0 |
4y ago |
Uncontrolled Resource Consumption in Jackson-databind |
|
| CVE-2019-12384 |
high |
— |
8.0 |
7y ago |
Important: pki-deps:10.6 security update |
|
| CVE-2020-36518 |
medium |
— |
5.5 |
3y ago |
Deeply nested json in jackson-databind |
|
| CVE-2020-9547 |
medium |
— |
5.5 |
6y ago |
Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update |
|
| CVE-2020-10673 |
medium |
— |
5.5 |
6y ago |
jackson-databind mishandles the interaction between serialization gadgets and typing |
|
| CVE-2020-9548 |
medium |
— |
5.5 |
6y ago |
Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update |
|
| CVE-2020-10672 |
medium |
— |
5.5 |
6y ago |
jackson-databind mishandles the interaction between serialization gadgets and typing |
|
| CVE-2020-8840 |
medium |
— |
5.5 |
6y ago |
Deserialization of Untrusted Data in jackson-databind |
|
| CVE-2019-20330 |
medium |
— |
5.5 |
6y ago |
Deserialization of Untrusted Data in jackson-databind |
|
| CVE-2019-17531 |
medium |
— |
5.5 |
7y ago |
jackson-databind polymorphic typing issue |
|
| CVE-2019-16943 |
medium |
— |
5.5 |
7y ago |
jackson-databind polymorphic typing issue |
|
| CVE-2019-16942 |
medium |
— |
5.5 |
7y ago |
Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update |
|
| CVE-2019-16335 |
medium |
— |
5.5 |
7y ago |
Polymorphic Typing issue in FasterXML jackson-databind |
|
| CVE-2019-14540 |
medium |
— |
5.5 |
7y ago |
Polymorphic Typing issue in FasterXML jackson-databind |
|
| CVE-2021-46877 |
unknown |
— |
— |
3y ago |
jackson-databind possible Denial of Service if using JDK serialization to serialize JsonNode |
|
| CVE-2020-36188 |
unknown |
— |
— |
5y ago |
Unsafe Deserialization in jackson-databind |
|
| CVE-2020-36180 |
unknown |
— |
— |
5y ago |
Unsafe Deserialization in jackson-databind |
|
| CVE-2020-36181 |
unknown |
— |
— |
5y ago |
Unsafe Deserialization in jackson-databind |
|
| CVE-2020-36185 |
unknown |
— |
— |
5y ago |
Unsafe Deserialization in jackson-databind |
|
| CVE-2020-36179 |
unknown |
— |
— |
5y ago |
Unsafe Deserialization in jackson-databind |
|
| CVE-2020-36182 |
unknown |
— |
— |
5y ago |
Unsafe Deserialization in jackson-databind |
|
| CVE-2020-24616 |
unknown |
— |
— |
5y ago |
Code Injection in jackson-databind |
|
| CVE-2020-25649 |
unknown |
— |
— |
5y ago |
XML External Entity (XXE) Injection in Jackson Databind |
|
| CVE-2021-20190 |
unknown |
— |
— |
5y ago |
Deserialization of untrusted data in jackson-databind |
|
| CVE-2020-14061 |
unknown |
— |
— |
6y ago |
Deserialization of untrusted data in Jackson Databind |
|
| CVE-2018-12023 |
unknown |
— |
— |
6y ago |
Deserialization of Untrusted Data |
|
| CVE-2019-17267 |
unknown |
— |
— |
6y ago |
Improper Input Validation in jackson-databind |
|
| CVE-2019-14892 |
unknown |
— |
— |
6y ago |
Polymorphic deserialization of malicious object in jackson-databind |
|
| CVE-2020-10969 |
unknown |
— |
— |
6y ago |
jackson-databind mishandles the interaction between serialization gadgets and typing |
|
| CVE-2020-11620 |
unknown |
— |
— |
6y ago |
jackson-databind mishandles the interaction between serialization gadgets and typing |
|
| CVE-2019-14439 |
unknown |
— |
— |
7y ago |
Deserialization of untrusted data in FasterXML jackson-databind |
|
| CVE-2019-14379 |
unknown |
— |
— |
7y ago |
Deserialization of untrusted data in FasterXML jackson-databind |
|
| CVE-2019-12814 |
unknown |
— |
— |
7y ago |
Deserialization of untrusted data in FasterXML jackson-databind |
|
| CVE-2019-12086 |
unknown |
— |
— |
7y ago |
Information exposure in FasterXML jackson-databind |
|
| CVE-2018-12022 |
unknown |
— |
— |
7y ago |
jackson-databind Deserialization of Untrusted Data vulnerability |
|
| CVE-2018-14719 |
unknown |
— |
— |
8y ago |
Arbitrary Code Execution in jackson-databind |
|
| CVE-2018-14721 |
unknown |
— |
— |
8y ago |
Server-Side Request Forgery (SSRF) in jackson-databind |
|
| CVE-2018-19362 |
unknown |
— |
— |
8y ago |
com.fasterxml.jackson.core:jackson-databind vulnerable to Deserialization of Untrusted Data |
|
| CVE-2018-19360 |
unknown |
— |
— |
8y ago |
Deserialization of Untrusted Data in jackson-databind due to polymorphic deserialization |
|
| CVE-2018-14718 |
unknown |
— |
— |
8y ago |
Arbitrary Code Execution in jackson-databind |
|
| CVE-2017-15095 |
unknown |
— |
— |
8y ago |
jackson-databind vulnerable to deserialization flaw leading to unauthenticated remote code execution |
|
| CVE-2018-7489 |
unknown |
— |
— |
8y ago |
FasterXML jackson-databind allows unauthenticated remote code execution |
|