Search for packages
| purl | pkg:maven/com.fasterxml.jackson/jackson-base@2.9.6 |
| Next non-vulnerable version | 2.9.10.20191020 |
| Latest non-vulnerable version | 2.9.10.20191020 |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-xnyb-nuwm-pkdr
Aliases: CVE-2020-8840 GHSA-4w82-r329-3q67 |
Deserialization of Untrusted Data in jackson-databind FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5 and 2.9.x before 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T21:00:25.861342+00:00 | GitLab Importer | Affected by | VCID-xnyb-nuwm-pkdr | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson/jackson-base/CVE-2020-8840.yml | 38.4.0 |
| 2026-04-11T22:11:40.931335+00:00 | GitLab Importer | Affected by | VCID-xnyb-nuwm-pkdr | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson/jackson-base/CVE-2020-8840.yml | 38.3.0 |
| 2026-04-02T22:24:10.499931+00:00 | GitLab Importer | Affected by | VCID-xnyb-nuwm-pkdr | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson/jackson-base/CVE-2020-8840.yml | 38.1.0 |
| 2026-04-01T16:42:00.374134+00:00 | GitLab Importer | Affected by | VCID-xnyb-nuwm-pkdr | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.fasterxml.jackson/jackson-base/CVE-2020-8840.yml | 38.0.0 |