Search for packages
| purl | pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.4.6.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-121u-fy4e-aaah
Aliases: CVE-2019-17531 GHSA-gjmw-vf9h-g25v |
Polymorphic typing issue |
Affected by 41 other vulnerabilities. |
|
VCID-1ny7-27k8-aaas
Aliases: CVE-2019-14893 GHSA-qmqc-x3r4-6v39 |
Polymorphic deserialization of malicious object in jackson-databind |
Affected by 44 other vulnerabilities. Affected by 44 other vulnerabilities. |
|
VCID-213j-gkjs-aaab
Aliases: CVE-2023-35116 |
** DISPUTED ** jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that this is not a valid vulnerability report, because the steps of constructing a cyclic data structure and trying to serialize it cannot be achieved by an external attacker. |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-2nyb-8rwu-aaag
Aliases: CVE-2020-36518 GHSA-57j2-w4cx-62h2 |
Deeply nested json in jackson-databind |
Affected by 3 other vulnerabilities. Affected by 4 other vulnerabilities. Affected by 3 other vulnerabilities. |
|
VCID-37nq-ncdy-aaak
Aliases: CVE-2019-16943 GHSA-fmmc-742q-jg75 |
Polymorphic typing issue |
Affected by 41 other vulnerabilities. |
|
VCID-5yjp-m4pq-aaak
Aliases: CVE-2017-7525 GHSA-qxxx-2pp7-5hmx |
A deserialization flaw was discovered in the jackson-databind |
Affected by 55 other vulnerabilities. Affected by 59 other vulnerabilities. Affected by 58 other vulnerabilities. Affected by 58 other vulnerabilities. |
|
VCID-8dca-phs2-aaab
Aliases: CVE-2020-10650 GHSA-rpr3-cw39-3pxh GMS-2022-2955 |
jackson-databind before 2.9.10.4 vulnerable to unsafe deserialization |
Affected by 26 other vulnerabilities. |
|
VCID-8eu3-gcfv-aaas
Aliases: CVE-2019-17267 GHSA-f3j5-rmmp-3fc5 |
Improper Input Validation in jackson-databind |
Affected by 44 other vulnerabilities. |
|
VCID-amhg-ukhs-aaah
Aliases: CVE-2018-11307 GHSA-qr7j-h6gg-jmgc |
Deserialization of Untrusted Data in jackson-databind |
Affected by 55 other vulnerabilities. Affected by 51 other vulnerabilities. Affected by 62 other vulnerabilities. |
|
VCID-dgpf-mnew-aaar
Aliases: CVE-2019-14540 GHSA-h822-r4r5-v8jg |
Polymorphic Typing issue in FasterXML jackson-databind |
Affected by 44 other vulnerabilities. |
|
VCID-e4fz-gcnp-aaap
Aliases: CVE-2019-16335 GHSA-85cw-hj65-qqv9 |
Polymorphic Typing issue in FasterXML jackson-databind |
Affected by 44 other vulnerabilities. |
|
VCID-eps5-dhv3-aaam
Aliases: CVE-2017-15095 GHSA-h592-38cm-4ggp |
High severity vulnerability that affects com.fasterxml.jackson.core:jackson-databind |
Affected by 57 other vulnerabilities. Affected by 57 other vulnerabilities. Affected by 56 other vulnerabilities. Affected by 69 other vulnerabilities. Affected by 68 other vulnerabilities. Affected by 66 other vulnerabilities. |
|
VCID-gqhw-ngh8-aaap
Aliases: CVE-2022-42004 GHSA-rgv9-q543-rqg4 |
Deserialization of Untrusted Data in FasterXML jackson-databind |
Affected by 3 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-jshw-wv7j-aaac
Aliases: CVE-2018-7489 GHSA-cggj-fvv3-cqwv |
FasterXML jackson-databind allows unauthenticated remote code execution |
Affected by 57 other vulnerabilities. Affected by 54 other vulnerabilities. Affected by 65 other vulnerabilities. |
|
VCID-jt34-h6ym-aaad
Aliases: CVE-2018-1000873 GHSA-h4x4-5qp2-wp46 |
Moderate severity vulnerability that affects com.fasterxml.jackson.datatype:jackson-datatype-jsr353 |
Affected by 54 other vulnerabilities. |
|
VCID-khga-7sd1-aaac
Aliases: CVE-2019-20330 GHSA-gww7-p5w4-wrfv |
Deserialization of Untrusted Data in jackson-databind |
Affected by 46 other vulnerabilities. Affected by 47 other vulnerabilities. Affected by 44 other vulnerabilities. Affected by 40 other vulnerabilities. |
|
VCID-q66e-967t-aaah
Aliases: CVE-2018-14718 GHSA-645p-88qh-w398 |
High severity vulnerability that affects com.fasterxml.jackson.core:jackson-databind |
Affected by 51 other vulnerabilities. Affected by 51 other vulnerabilities. Affected by 48 other vulnerabilities. Affected by 58 other vulnerabilities. |
|
VCID-t7e4-g3fr-aaan
Aliases: CVE-2022-42003 GHSA-jjjh-jjxp-wpff |
Deserialization of Untrusted Data in FasterXML jackson-databind |
Affected by 3 other vulnerabilities. Affected by 3 other vulnerabilities. Affected by 2 other vulnerabilities. Affected by 2 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-vaet-ekgb-aaak
Aliases: CVE-2020-35490 GHSA-wh8g-3j2c-rqj5 |
Serialization gadgets exploit in jackson-databind |
Affected by 4 other vulnerabilities. |
|
VCID-vaq8-9f2s-aaag
Aliases: CVE-2019-16942 GHSA-mx7p-6679-8g3q |
Polymorphic Typing in FasterXML jackson-databind |
Affected by 41 other vulnerabilities. |
|
VCID-wanu-687f-aaag
Aliases: CVE-2020-35491 GHSA-r3gr-cxrf-hg25 |
Serialization gadgets exploit in jackson-databind |
Affected by 4 other vulnerabilities. |
|
VCID-xegf-xmqz-aaaq
Aliases: CVE-2018-5968 GHSA-w3f4-3q6j-rh82 |
Deserialization of Untrusted Data in jackson-databind |
Affected by 51 other vulnerabilities. Affected by 56 other vulnerabilities. Affected by 54 other vulnerabilities. Affected by 66 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||