Search for packages
| purl | pkg:deb/debian/libjackson-json-java@1.9.13-2~deb10u1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-ejh5-re54-17hp
Aliases: CVE-2019-10172 GHSA-r6j9-8759-g62w |
Improper Restriction of XML External Entity Reference A flaw was found in `org.codehaus.jackson:jackson-mapper-asl` libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus `jackson-mapper-asl` libraries but in different classes. |
Affected by 0 other vulnerabilities. |
|
VCID-rg7k-kaxv-2ubx
Aliases: CVE-2017-7525 GHSA-qxxx-2pp7-5hmx |
Deserialization of Untrusted Data A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the `readValue` method of the `ObjectMapper`. |
Affected by 0 other vulnerabilities. |
|
VCID-tfky-edec-13gw
Aliases: CVE-2017-15095 GHSA-h592-38cm-4ggp |
Deserialization of Untrusted Data A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the `readValue` method of the `ObjectMapper`. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-06T03:41:21.272741+00:00 | Debian Oval Importer | Affected by | VCID-rg7k-kaxv-2ubx | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 38.6.0 |
| 2026-06-06T01:14:24.999339+00:00 | Debian Oval Importer | Affected by | VCID-ejh5-re54-17hp | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 38.6.0 |
| 2026-06-06T01:07:00.072997+00:00 | Debian Oval Importer | Affected by | VCID-tfky-edec-13gw | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 38.6.0 |