Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.0
Typemaven
Namespacecom.fasterxml.jackson.core
Namejackson-databind
Version2.7.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.7.9.1
Latest_non_vulnerable_version2.16.0
Affected_by_vulnerabilities
0
url VCID-18u1-9nc1-2feh
vulnerability_id VCID-18u1-9nc1-2feh
summary 
Deserialization of Untrusted Data
FasterXML jackson-databind might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.
references
0
reference_url https://github.com/FasterXML/jackson-databind/issues/2186
reference_id
reference_type
scores
url https://github.com/FasterXML/jackson-databind/issues/2186
1
reference_url https://issues.apache.org/jira/browse/TINKERPOP-2121
reference_id
reference_type
scores
url https://issues.apache.org/jira/browse/TINKERPOP-2121
2
reference_url http://www.securityfocus.com/bid/107985
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/107985
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-19360
reference_id CVE-2018-19360
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-19360
fixed_packages
0
url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5
purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p52x-ese3-qkha
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5
1
url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3
purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p52x-ese3-qkha
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3
2
url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8
purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8
aliases CVE-2018-19360
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-18u1-9nc1-2feh
1
url VCID-39mg-y1k8-xbf9
vulnerability_id VCID-39mg-y1k8-xbf9
summary 
Improper Restriction of XML External Entity Reference
FasterXML jackson-databind might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.
references
0
reference_url https://github.com/FasterXML/jackson-databind/issues/2097
reference_id
reference_type
scores
url https://github.com/FasterXML/jackson-databind/issues/2097
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14720
reference_id CVE-2018-14720
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-14720
fixed_packages
0
url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7
purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7
aliases CVE-2018-14720
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-39mg-y1k8-xbf9
2
url VCID-8mns-fyju-dqdr
vulnerability_id VCID-8mns-fyju-dqdr
summary 
Deserialization of Untrusted Data
FasterXML jackson-databind might allow attackers to have unspecified impact by leveraging failure to block the `openjpa` class from polymorphic deserialization.
references
0
reference_url https://github.com/FasterXML/jackson-databind/issues/2186
reference_id
reference_type
scores
url https://github.com/FasterXML/jackson-databind/issues/2186
1
reference_url https://issues.apache.org/jira/browse/TINKERPOP-2121
reference_id
reference_type
scores
url https://issues.apache.org/jira/browse/TINKERPOP-2121
2
reference_url http://www.securityfocus.com/bid/107985
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/107985
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-19361
reference_id CVE-2018-19361
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-19361
fixed_packages
0
url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5
purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p52x-ese3-qkha
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5
1
url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3
purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p52x-ese3-qkha
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3
2
url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8
purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8
aliases CVE-2018-19361
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8mns-fyju-dqdr
3
url VCID-d6ez-jva8-hyag
vulnerability_id VCID-d6ez-jva8-hyag
summary 
Deserialization of Untrusted Data
FasterXML jackson-databind might allow attackers to have unspecified impact by leveraging failure to block the `jboss-common-core` class from polymorphic deserialization.
references
0
reference_url https://github.com/FasterXML/jackson-databind/issues/2186
reference_id
reference_type
scores
url https://github.com/FasterXML/jackson-databind/issues/2186
1
reference_url https://issues.apache.org/jira/browse/TINKERPOP-2121
reference_id
reference_type
scores
url https://issues.apache.org/jira/browse/TINKERPOP-2121
2
reference_url http://www.securityfocus.com/bid/107985
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/107985
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-19362
reference_id CVE-2018-19362
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-19362
fixed_packages
0
url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5
purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p52x-ese3-qkha
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5
1
url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3
purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p52x-ese3-qkha
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3
2
url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8
purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8
aliases CVE-2018-19362
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d6ez-jva8-hyag
4
url VCID-p52x-ese3-qkha
vulnerability_id VCID-p52x-ese3-qkha
summary 
Information Disclosure
A Polymorphic Typing issue was discovered in FasterXML jackson-databind. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has JDOM in the classpath, an attacker can send a specifically crafted JSON message that allows them to read arbitrary local files on the server.
references
0
reference_url https://github.com/FasterXML/jackson-databind/issues/2341
reference_id
reference_type
scores
url https://github.com/FasterXML/jackson-databind/issues/2341
1
reference_url https://lists.debian.org/debian-lts-announce/2019/06/msg00019.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2019/06/msg00019.html
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12814
reference_id CVE-2019-12814
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-12814
fixed_packages
0
url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.6
purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.6
1
url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.4
purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.4
2
url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.9.1
purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.9.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.9.1
aliases CVE-2019-12814
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p52x-ese3-qkha
5
url VCID-r92s-4m4x-dqc7
vulnerability_id VCID-r92s-4m4x-dqc7
summary 
Unsafe Deserialization in jackson-databind
FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.
references
0
reference_url https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
reference_id
reference_type
scores
url https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
1
reference_url https://github.com/FasterXML/jackson-databind/commit/12e23c962ffb4cf1857c5461d72ae54cc8008f29
reference_id
reference_type
scores
url https://github.com/FasterXML/jackson-databind/commit/12e23c962ffb4cf1857c5461d72ae54cc8008f29
2
reference_url https://github.com/FasterXML/jackson-databind/issues/3003
reference_id
reference_type
scores
url https://github.com/FasterXML/jackson-databind/issues/3003
3
reference_url https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html
4
reference_url https://security.netapp.com/advisory/ntap-20210205-0005
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210205-0005
5
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuApr2021.html
6
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuapr2022.html
7
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpujan2022.html
8
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
url https://www.oracle.com//security-alerts/cpujul2021.html
9
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpujul2022.html
10
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuoct2021.html
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-36183
reference_id CVE-2020-36183
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2020-36183
12
reference_url https://github.com/advisories/GHSA-9m6f-7xcq-8vf8
reference_id GHSA-9m6f-7xcq-8vf8
reference_type
scores
url https://github.com/advisories/GHSA-9m6f-7xcq-8vf8
fixed_packages
0
url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8
purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8
aliases CVE-2020-36183, GHSA-9m6f-7xcq-8vf8
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r92s-4m4x-dqc7
6
url VCID-rg7k-kaxv-2ubx
vulnerability_id VCID-rg7k-kaxv-2ubx
summary 
Deserialization of Untrusted Data
A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the `readValue` method of the `ObjectMapper`.
references
0
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1462702
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1462702
1
reference_url https://github.com/FasterXML/jackson-databind/issues/1599
reference_id
reference_type
scores
url https://github.com/FasterXML/jackson-databind/issues/1599
2
reference_url https://github.com/FasterXML/jackson-databind/issues/1723
reference_id
reference_type
scores
url https://github.com/FasterXML/jackson-databind/issues/1723
3
reference_url https://github.com/FasterXML/jackson-databind/issues/1737
reference_id
reference_type
scores
url https://github.com/FasterXML/jackson-databind/issues/1737
4
reference_url https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true
reference_id
reference_type
scores
url https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true
5
reference_url http://www.securityfocus.com/bid/99623
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/99623
6
reference_url http://www.securitytracker.com/id/1039744
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039744
7
reference_url http://www.securitytracker.com/id/1039947
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039947
8
reference_url http://www.securitytracker.com/id/1040360
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1040360
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7525
reference_id CVE-2017-7525
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2017-7525
fixed_packages
0
url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.1
purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.1
1
url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.9
purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.9
aliases CVE-2017-7525
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rg7k-kaxv-2ubx
7
url VCID-s61k-e43h-13b5
vulnerability_id VCID-s61k-e43h-13b5
summary 
Unsafe Deserialization in jackson-databind
FasterXML jackson-databind 2.x before 2.6.7.5 and from 2.7.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.
references
0
reference_url https://github.com/FasterXML/jackson-databind
reference_id
reference_type
scores
url https://github.com/FasterXML/jackson-databind
1
reference_url https://github.com/FasterXML/jackson-databind/commit/2118e71325486c68f089a9761c9d8a11b4ddd1cb
reference_id
reference_type
scores
url https://github.com/FasterXML/jackson-databind/commit/2118e71325486c68f089a9761c9d8a11b4ddd1cb
2
reference_url https://github.com/FasterXML/jackson-databind/commit/6cc9f1a1af323cd156f5668a47e43bab324ae16f
reference_id
reference_type
scores
url https://github.com/FasterXML/jackson-databind/commit/6cc9f1a1af323cd156f5668a47e43bab324ae16f
3
reference_url https://github.com/FasterXML/jackson-databind/commit/ad5a630174f08d279504bc51ebba8772fd71b86b
reference_id
reference_type
scores
url https://github.com/FasterXML/jackson-databind/commit/ad5a630174f08d279504bc51ebba8772fd71b86b
4
reference_url https://github.com/FasterXML/jackson-databind/issues/2798
reference_id
reference_type
scores
url https://github.com/FasterXML/jackson-databind/issues/2798
5
reference_url https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html
6
reference_url https://security.netapp.com/advisory/ntap-20201009-0003
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20201009-0003
7
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuApr2021.html
8
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuapr2022.html
9
reference_url https://www.oracle.com/security-alerts/cpujan2021.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpujan2021.html
10
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpujan2022.html
11
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
url https://www.oracle.com//security-alerts/cpujul2021.html
12
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuoct2021.html
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-24750
reference_id CVE-2020-24750
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2020-24750
14
reference_url https://github.com/advisories/GHSA-qjw2-hr98-qgfh
reference_id GHSA-qjw2-hr98-qgfh
reference_type
scores
url https://github.com/advisories/GHSA-qjw2-hr98-qgfh
fixed_packages
0
url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.6
purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.6
aliases CVE-2020-24750, GHSA-qjw2-hr98-qgfh
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s61k-e43h-13b5
8
url VCID-t79w-jeyp-suaw
vulnerability_id VCID-t79w-jeyp-suaw
summary 
Deserialization of Untrusted Data
FasterXML jackson-databind might allow remote attackers to execute arbitrary code by leveraging failure to block the `blaze-ds-opt` and `blaze-ds-core` classes from polymorphic deserialization.
references
0
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14719
reference_id CVE-2018-14719
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-14719
fixed_packages
0
url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7
purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7
aliases CVE-2018-14719
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t79w-jeyp-suaw
9
url VCID-u37s-5nn4-wqbx
vulnerability_id VCID-u37s-5nn4-wqbx
summary 
Server-Side Request Forgery (SSRF)
FasterXML jackson-databind might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the `axis2-jaxws` class from polymorphic deserialization.
references
0
reference_url https://github.com/FasterXML/jackson-databind/issues/2097
reference_id
reference_type
scores
url https://github.com/FasterXML/jackson-databind/issues/2097
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14721
reference_id CVE-2018-14721
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-14721
fixed_packages
0
url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7
purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7
aliases CVE-2018-14721
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u37s-5nn4-wqbx
10
url VCID-wqg8-5kwe-vuem
vulnerability_id VCID-wqg8-5kwe-vuem
summary 
Deserialization of Untrusted Data
FasterXML jackson-databind might allow remote attackers to execute arbitrary code by leveraging failure to block the `slf4j-ext` class from polymorphic deserialization.
references
0
reference_url http://www.securityfocus.com/bid/106601
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/106601
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14718
reference_id CVE-2018-14718
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-14718
fixed_packages
0
url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7
purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7
aliases CVE-2018-14718
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wqg8-5kwe-vuem
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.0