Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-395t-bxwj-7fcu

Summary

Jackson-core Vulnerable to Memory Disclosure via Source Snippet in JsonLocation
### Overview

A flaw in Jackson-core's `JsonLocation._appendSourceDesc` method allows up to 500 bytes of unintended memory content to be included in exception messages. When parsing JSON from a byte array with an offset and length, the exception message incorrectly reads from the beginning of the array instead of the logical payload start. This results in possible **information disclosure** in systems using **pooled or reused buffers**, like Netty or Vert.x.

### Details

The vulnerability affects the creation of exception messages like:

```
JsonParseException: Unexpected character ... at [Source: (byte[])...]
```

When `JsonFactory.createParser(byte[] data, int offset, int len)` is used, and an error occurs while parsing, the exception message should include a snippet from the specified logical payload. However, the method `_appendSourceDesc` ignores the `offset`, and always starts reading from index `0`.

If the buffer contains residual sensitive data from a previous request, such as credentials or document contents, that data may be exposed if the exception is propagated to the client.

The issue particularly impacts server applications using:

* Pooled byte buffers (e.g., Netty)
* Frameworks that surface parse errors in HTTP responses
* Default Jackson settings (i.e., `INCLUDE_SOURCE_IN_LOCATION` is enabled)

A documented real-world example is [CVE-2021-22145](https://nvd.nist.gov/vuln/detail/CVE-2021-22145) in Elasticsearch, which stemmed from the same root cause.

### Attack Scenario

An attacker sends malformed JSON to a service using Jackson and pooled byte buffers (e.g., Netty-based HTTP servers). If the server reuses a buffer and includes the parser’s exception in its HTTP 400 response, the attacker may receive residual data from previous requests.

### Proof of Concept

```java
byte[] buffer = new byte[1000];
System.arraycopy("SECRET".getBytes(), 0, buffer, 0, 6);
System.arraycopy("{ \"bad\": }".getBytes(), 0, buffer, 700, 10);

JsonFactory factory = new JsonFactory();
JsonParser parser = factory.createParser(buffer, 700, 20);
parser.nextToken(); // throws exception

// Exception message will include "SECRET"
```

### Patches
This issue was silently fixed in jackson-core version 2.13.0, released on September 30, 2021, via [PR #652](https://github.com/FasterXML/jackson-core/pull/652).

All users should upgrade to version 2.13.0 or later.

### Workarounds
If upgrading is not immediately possible, applications can mitigate the issue by:

1. **Disabling exception message exposure to clients** — avoid returning parsing exception messages in HTTP responses.
2. **Disabling source inclusion in exceptions** by setting:

   ```java
   jsonFactory.disable(JsonFactory.Feature.INCLUDE_SOURCE_IN_LOCATION);
   ```

    This prevents Jackson from embedding any source content in exception messages, avoiding leakage.


### References
* [Pull Request #652 (Fix implementation)](https://github.com/FasterXML/jackson-core/pull/652)
* [CVE-2021-22145 (Elasticsearch exposure of this flaw)](https://nvd.nist.gov/vuln/detail/CVE-2021-22145)

Aliases

alias	CVE-2025-49128

alias	GHSA-wf8f-6423-gfxg

Fixed_packages

url	pkg:deb/debian/jackson-core@2.13.0-1?distro=trixie
purl	pkg:deb/debian/jackson-core@2.13.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-core@2.13.0-1%3Fdistro=trixie

url pkg:deb/debian/jackson-core@2.14.1-1

purl pkg:deb/debian/jackson-core@2.14.1-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-core@2.14.1-1

url pkg:deb/debian/jackson-core@2.14.1-1?distro=trixie

purl pkg:deb/debian/jackson-core@2.14.1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-core@2.14.1-1%3Fdistro=trixie

url	pkg:deb/debian/jackson-core@2.14.1-2?distro=trixie
purl	pkg:deb/debian/jackson-core@2.14.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-core@2.14.1-2%3Fdistro=trixie

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.13.0

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.13.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.13.0

Affected_packages

url pkg:deb/debian/jackson-core@2.12.1-1

purl pkg:deb/debian/jackson-core@2.12.1-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-core@2.12.1-1

url pkg:deb/debian/jackson-core@2.12.1-1?distro=trixie

purl pkg:deb/debian/jackson-core@2.12.1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-core@2.12.1-1%3Fdistro=trixie

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.0.0

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.0.0

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.0.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.0.1

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.0.2

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.0.2

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.0.4

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.0.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.0.4

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.0.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.0.5

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.0.6

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.0.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.0.6

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.1.0

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.1.0

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.1.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.1.1

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.1.2

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.1.2

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.1.3

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.1.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.1.3

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.1.4

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.1.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.1.4

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.1.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.1.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.1.5

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.2.0-rc1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.2.0-rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.2.0-rc1

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.2.0

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.2.0

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.2.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.2.1

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.2.2

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.2.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.2.2

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.2.3

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.2.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.2.3

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.2.4

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.2.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.2.4

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.3.0-rc1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.3.0-rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.3.0-rc1

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.3.0

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.3.0

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.3.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.3.1

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.3.2

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.3.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.3.2

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.3.3

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.3.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.3.3

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.3.4

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.3.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.3.4

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.3.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.3.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.3.5

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.0-rc1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.0-rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.0-rc1

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.0-rc2

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.0-rc2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.0-rc2

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.0-rc3

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.0-rc3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.0-rc3

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.0

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.0

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.1

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.1.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.1.1

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.2

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.2

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.3

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.3

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.4

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.4

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.5

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.6

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.4.6

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.5.0-rc1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.5.0-rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.5.0-rc1

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.5.0

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.5.0

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.5.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.5.1

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.5.2

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.5.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.5.2

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.5.3

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.5.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.5.3

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.5.4

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.5.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.5.4

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.5.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.5.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.5.5

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.0-rc1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.0-rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.0-rc1

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.0-rc2

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.0-rc2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.0-rc2

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.0-rc3

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.0-rc3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.0-rc3

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.0-rc4

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.0-rc4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.0-rc4

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.0

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.0

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.1

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.2

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.2

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.3

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.3

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.4

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.4

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.5

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.6

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.6

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.7

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.6.7

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.0-rc1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.0-rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.0-rc1

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.0-rc2

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.0-rc2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.0-rc2

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.0-rc3

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.0-rc3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.0-rc3

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.0

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.0

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.1

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.2

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.2

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.3

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.3

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.4

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.4

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.5

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.6

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.6

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.7

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.7

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.8

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.8

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.9

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.7.9

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.0.rc1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.0.rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.0.rc1

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.0.rc2

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.0.rc2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.0.rc2

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.0

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.0

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.1

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.2

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.2

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.3

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.3

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.4

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.4

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.5

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.6

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.6

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.7

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.7

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.8

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.8

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.9

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.9

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.10

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.10

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.11

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.8.11

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.0

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.0

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.0.pr1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.0.pr1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.0.pr1

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.0.pr2

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.0.pr2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.0.pr2

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.0.pr3

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.0.pr3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.0.pr3

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.0.pr4

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.0.pr4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.0.pr4

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.1

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.2

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.2

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.3

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.3

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.4

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.4

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.5

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.6

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.6

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.7

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.7

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.8

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.8

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.9

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.9

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.10

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.9.10

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.0

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.0

100

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.0.pr1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.0.pr1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.0.pr1

101

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.0.pr2

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.0.pr2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.0.pr2

102

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.0.pr3

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.0.pr3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.0.pr3

103

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.1

104

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.2

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.2

105

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.3

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.3

106

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.4

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.4

107

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.5

108

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.11.0.rc1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.11.0.rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.11.0.rc1

109

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.11.0

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.11.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.11.0

110

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.11.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.11.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.11.1

111

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.11.2

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.11.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.11.2

112

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.11.3

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.11.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.11.3

113

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.11.4

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.11.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.11.4

114

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.0-rc1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.0-rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.0-rc1

115

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.0-rc2

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.0-rc2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.0-rc2

116

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.0

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.0

117

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.1

118

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.2

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.2

119

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.3

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.3

120

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.4

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.4

121

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.5

122

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.6

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.6

123

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.7

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.7

124

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.13.0-rc1

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.13.0-rc1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.13.0-rc1

125

url pkg:maven/com.fasterxml.jackson.core/jackson-core@2.13.0-rc2

purl pkg:maven/com.fasterxml.jackson.core/jackson-core@2.13.0-rc2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-395t-bxwj-7fcu

vulnerability	VCID-evmb-e63r-rfcy

vulnerability	VCID-pwnn-qx48-ykae

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.13.0-rc2

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49128.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49128.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-49128

reference_id

reference_type

scores

value	0.00027
scoring_system	epss
scoring_elements	0.07582
published_at	2026-04-21T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.0745
published_at	2026-04-18T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07461
published_at	2026-04-16T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07536
published_at	2026-04-13T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07549
published_at	2026-04-12T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07462
published_at	2026-04-02T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.0754
published_at	2026-04-08T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07482
published_at	2026-04-07T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07501
published_at	2026-04-04T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07563
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-49128

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49128
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49128

reference_url

https://github.com/FasterXML/jackson-core

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-core

reference_url

https://github.com/FasterXML/jackson-core/commit/a6c297682737dde13337cb7c3020f299518609a8

reference_id

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	4.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:13:56Z/

url

https://github.com/FasterXML/jackson-core/commit/a6c297682737dde13337cb7c3020f299518609a8

reference_url

https://github.com/FasterXML/jackson-core/pull/652

reference_id

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	4.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:13:56Z/

url

https://github.com/FasterXML/jackson-core/pull/652

reference_url

https://github.com/FasterXML/jackson-core/security/advisories/GHSA-wf8f-6423-gfxg

reference_id

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	4.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-09T15:13:56Z/

url

https://github.com/FasterXML/jackson-core/security/advisories/GHSA-wf8f-6423-gfxg

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-22145

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-22145

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-49128

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-49128

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2370891
reference_id	2370891
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2370891

reference_url

https://github.com/advisories/GHSA-wf8f-6423-gfxg

reference_id

GHSA-wf8f-6423-gfxg

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-wf8f-6423-gfxg

Weaknesses

cwe_id	209
name	Generation of Error Message Containing Sensitive Information
description	The product generates an error message that includes sensitive information about its environment, users, or associated data.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

Severity_range_score 4.0 - 6.9

Exploitability 0.5

Weighted_severity 6.2

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-395t-bxwj-7fcu

Vulnerability Instance