Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/jackson-dataformat-xml@2.14.0-1?distro=trixie
purl pkg:deb/debian/jackson-dataformat-xml@2.14.0-1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-ekx6-m3n8-1bcw XmlMapper in the Jackson XML dataformat component (aka jackson-dataformat-xml) before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors related to a DTD. CVE-2016-7051
GHSA-7c2r-3jqf-c9rw
VCID-kfr9-3795-1yes XML external entity (XXE) vulnerability in XmlMapper in the Data format extension for Jackson (aka jackson-dataformat-xml) allows attackers to have unspecified impact via unknown vectors. CVE-2016-3720
GHSA-hmq6-frv3-4727

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T13:30:20.799555+00:00 Debian Importer Fixing VCID-ekx6-m3n8-1bcw https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:41:25.566657+00:00 Debian Importer Fixing VCID-kfr9-3795-1yes https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T09:19:15.907051+00:00 Debian Importer Fixing VCID-ekx6-m3n8-1bcw https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:50:26.542327+00:00 Debian Importer Fixing VCID-kfr9-3795-1yes https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:27:48.053072+00:00 Debian Importer Fixing VCID-ekx6-m3n8-1bcw https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:27:48.021613+00:00 Debian Importer Fixing VCID-kfr9-3795-1yes https://security-tracker.debian.org/tracker/data/json 38.1.0