Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-xml@2.0.0-RC1
purl pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-xml@2.0.0-RC1
Next non-vulnerable version 2.10.0
Latest non-vulnerable version 2.10.0
Risk 4.5
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-ekx6-m3n8-1bcw
Aliases:
CVE-2016-7051
GHSA-7c2r-3jqf-c9rw
XmlMapper in the Jackson XML dataformat component (aka jackson-dataformat-xml) before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors related to a DTD.
2.7.8
Affected by 1 other vulnerability.
2.8.4
Affected by 1 other vulnerability.
VCID-kfr9-3795-1yes
Aliases:
CVE-2016-3720
GHSA-hmq6-frv3-4727
XML external entity (XXE) vulnerability in XmlMapper in the Data format extension for Jackson (aka jackson-dataformat-xml) allows attackers to have unspecified impact via unknown vectors.
2.7.4
Affected by 2 other vulnerabilities.
2.8.0
Affected by 2 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T20:49:16.733894+00:00 GitLab Importer Affected by VCID-ekx6-m3n8-1bcw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.dataformat/jackson-dataformat-xml/CVE-2016-7051.yml 38.4.0
2026-04-16T20:34:12.511961+00:00 GitLab Importer Affected by VCID-kfr9-3795-1yes https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.dataformat/jackson-dataformat-xml/CVE-2016-3720.yml 38.4.0
2026-04-16T01:25:23.277950+00:00 GHSA Importer Affected by VCID-kfr9-3795-1yes https://github.com/advisories/GHSA-hmq6-frv3-4727 38.4.0
2026-04-11T22:00:18.909908+00:00 GitLab Importer Affected by VCID-ekx6-m3n8-1bcw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.dataformat/jackson-dataformat-xml/CVE-2016-7051.yml 38.3.0
2026-04-11T21:44:40.531552+00:00 GitLab Importer Affected by VCID-kfr9-3795-1yes https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.dataformat/jackson-dataformat-xml/CVE-2016-3720.yml 38.3.0
2026-04-11T12:54:41.751060+00:00 GHSA Importer Affected by VCID-kfr9-3795-1yes https://github.com/advisories/GHSA-hmq6-frv3-4727 38.3.0
2026-04-02T22:13:24.587177+00:00 GitLab Importer Affected by VCID-ekx6-m3n8-1bcw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.dataformat/jackson-dataformat-xml/CVE-2016-7051.yml 38.1.0
2026-04-02T21:58:44.664656+00:00 GitLab Importer Affected by VCID-kfr9-3795-1yes https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.dataformat/jackson-dataformat-xml/CVE-2016-3720.yml 38.1.0
2026-04-02T13:47:18.239663+00:00 GHSA Importer Affected by VCID-kfr9-3795-1yes https://github.com/advisories/GHSA-hmq6-frv3-4727 38.1.0
2026-04-01T16:30:48.502893+00:00 GitLab Importer Affected by VCID-ekx6-m3n8-1bcw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.dataformat/jackson-dataformat-xml/CVE-2016-7051.yml 38.0.0
2026-04-01T16:16:01.059476+00:00 GitLab Importer Affected by VCID-kfr9-3795-1yes https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson.dataformat/jackson-dataformat-xml/CVE-2016-3720.yml 38.0.0