Search for packages
| purl | pkg:deb/debian/jackson-databind@2.9.1-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-ceub-d4s9-dkcd | Deserialization of Untrusted Data A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the `readValue` method of the `ObjectMapper`. |
CVE-2017-15095
GHSA-h592-38cm-4ggp |
| VCID-v84e-sf92-dqa1 | A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. |
CVE-2017-7525
GHSA-qxxx-2pp7-5hmx |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T11:52:27.331280+00:00 | Debian Importer | Fixing | VCID-v84e-sf92-dqa1 | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T09:29:07.423287+00:00 | Debian Importer | Fixing | VCID-ceub-d4s9-dkcd | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-13T08:06:25.969354+00:00 | Debian Importer | Fixing | VCID-v84e-sf92-dqa1 | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-11T18:19:31.850716+00:00 | Debian Importer | Fixing | VCID-ceub-d4s9-dkcd | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:27:45.613475+00:00 | Debian Importer | Fixing | VCID-v84e-sf92-dqa1 | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:27:45.530099+00:00 | Debian Importer | Fixing | VCID-ceub-d4s9-dkcd | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |