com.fasterxml.jackson.core:jackson-databind (maven) security advisories

HIGH 7.5

Maven

CVE-2022-42004

Uncontrolled Resource Consumption in FasterXML jackson-databind

Oct 3, 2022

HIGH 8.1

Maven

CVE-2020-14062

Deserialization of untrusted data in Jackson Databind

Jun 18, 2020

HIGH 8.1

Maven

CVE-2020-14060

Deserialization of untrusted data in Jackson Databind

Jun 18, 2020

HIGH 8.1

Maven

CVE-2020-11619

jackson-databind mishandles the interaction between serialization gadgets and typing

May 15, 2020

HIGH 8.1

Maven

CVE-2020-36183

Unsafe Deserialization in jackson-databind

Dec 9, 2021

CRITICAL 9.8

Maven

CVE-2020-9546

jackson-databind mishandles the interaction between serialization gadgets and typing

Apr 23, 2020

HIGH 8.1

Maven

CVE-2020-10650

jackson-databind vulnerable to unsafe deserialization

Jul 15, 2022

HIGH 7.5

Maven

CVE-2020-25649

XML External Entity (XXE) Injection in Jackson Databind

Feb 18, 2021

HIGH 7.5

Maven

CVE-2021-46877

jackson-databind possible Denial of Service if using JDK serialization to serialize JsonNode

Mar 19, 2023

HIGH 7.5

Maven

CVE-2020-36518

Deeply nested json in jackson-databind

Mar 12, 2022

HIGH 8.8

Maven

CVE-2020-11112

jackson-databind mishandles the interaction between serialization gadgets and typing

Jun 10, 2020

HIGH 8.8

Maven

CVE-2020-10672

jackson-databind mishandles the interaction between serialization gadgets and typing

Apr 23, 2020

UNKNOWN

Maven

CVE-2019-14893

Polymorphic deserialization of malicious object in jackson-databind

May 15, 2020

CRITICAL 10.0

Maven

CVE-2018-14721

Server-Side Request Forgery (SSRF) in jackson-databind

Jan 4, 2019

HIGH 8.8

Maven

CVE-2020-11113

jackson-databind mishandles the interaction between serialization gadgets and typing

May 15, 2020

CRITICAL 9.8

Maven

CVE-2018-19361

Deserialization of Untrusted Data in jackson-databind

Jan 4, 2019

HIGH 8.8

Maven

CVE-2020-10969

jackson-databind mishandles the interaction between serialization gadgets and typing

Apr 23, 2020

CRITICAL 9.8

Maven

CVE-2018-19360

Deserialization of Untrusted Data in jackson-databind due to polymorphic deserialization

Jan 4, 2019

HIGH 8.1

Maven

CVE-2020-14195

Deserialization of untrusted data in Jackson Databind

Jun 18, 2020

HIGH 8.1

Maven

CVE-2020-14061

Deserialization of untrusted data in Jackson Databind

Jun 18, 2020

HIGH 7.5

Maven

CVE-2018-12023

Deserialization of Untrusted Data

Jun 15, 2020

HIGH 8.8

Maven

CVE-2020-10968

jackson-databind mishandles the interaction between serialization gadgets and typing

May 15, 2020

HIGH 8.8

Maven

CVE-2020-11111

jackson-databind mishandles the interaction between serialization gadgets and typing

May 15, 2020

CRITICAL 9.8

Maven

CVE-2018-14720

XML External Entity Reference (XXE) in jackson-databind

Jan 4, 2019

HIGH 7.5

Maven

CVE-2022-42003

Uncontrolled Resource Consumption in Jackson-databind

Oct 3, 2022

CRITICAL 9.8

Maven

CVE-2019-14540

Polymorphic Typing issue in FasterXML jackson-databind

Sep 23, 2019

HIGH 8.1

Maven

CVE-2020-11620

jackson-databind mishandles the interaction between serialization gadgets and typing

Apr 23, 2020

HIGH 8.1

Maven

CVE-2021-20190

Deserialization of untrusted data in jackson-databind

Jan 20, 2021

UNKNOWN

Maven

GHSA-wrr7-33fx-rcvj

Deserialization of Untrusted Data in jackson-databind

Jun 15, 2020

HIGH 8.8

Maven

CVE-2020-10673

jackson-databind mishandles the interaction between serialization gadgets and typing

May 15, 2020

HIGH 8.1

Maven

CVE-2020-35491

Serialization gadgets exploit in jackson-databind

Dec 9, 2021

CRITICAL 9.8

Maven

CVE-2019-16943

jackson-databind polymorphic typing issue

Nov 13, 2019

CRITICAL 9.8

Maven

CVE-2020-9547

jackson-databind mishandles the interaction between serialization gadgets and typing

May 15, 2020

CRITICAL 9.8

Maven

CVE-2019-17531

jackson-databind polymorphic typing issue

Nov 13, 2019

CRITICAL 9.8

Maven

CVE-2018-14718

Arbitrary Code Execution in jackson-databind

Jan 4, 2019

CRITICAL 9.8

Maven

CVE-2020-8840

Deserialization of Untrusted Data in jackson-databind

Mar 4, 2020

CRITICAL 9.8

Maven

CVE-2019-17267

Improper Input Validation in jackson-databind

Jun 15, 2020

CRITICAL 9.8

Maven

CVE-2018-14719

Arbitrary Code Execution in jackson-databind

Jan 4, 2019

CRITICAL 9.8

Maven

CVE-2019-16335

Polymorphic Typing issue in FasterXML jackson-databind

Sep 23, 2019

CRITICAL 9.8

Maven

CVE-2019-14379

Deserialization of untrusted data in FasterXML jackson-databind

Aug 1, 2019

CRITICAL 9.8

Maven

CVE-2018-7489

FasterXML jackson-databind allows unauthenticated remote code execution

Oct 16, 2018

MEDIUM 5.9

Maven

CVE-2019-12814

Deserialization of untrusted data in FasterXML jackson-databind

Jul 17, 2019

HIGH 7.5

Maven

CVE-2019-12086

Information exposure in FasterXML jackson-databind

May 23, 2019

CRITICAL 9.8

Maven

CVE-2018-19362

com.fasterxml.jackson.core:jackson-databind vulnerable to Deserialization of Untrusted Data

Jan 4, 2019

CRITICAL 9.8

Maven

CVE-2017-15095

jackson-databind vulnerable to deserialization flaw leading to unauthenticated remote code execution

Oct 18, 2018

MEDIUM 5.9

Maven

CVE-2019-12384

Deserialization of Untrusted Data in FasterXML jackson-databind

Jul 5, 2019

CRITICAL 9.8

Maven

CVE-2019-20330

Deserialization of Untrusted Data in jackson-databind

Mar 4, 2020

CRITICAL 9.8

Maven

CVE-2019-16942

Polymorphic Typing in FasterXML jackson-databind

Oct 28, 2019

CRITICAL 9.8

Maven

CVE-2020-9548

jackson-databind mishandles the interaction between serialization gadgets and typing

May 15, 2020

HIGH 8.1

Maven

CVE-2020-35490

Serialization gadgets exploit in jackson-databind

Dec 9, 2021

HIGH 7.5

Maven

CVE-2019-14439

Deserialization of untrusted data in FasterXML jackson-databind

Aug 1, 2019

CRITICAL 9.8

Maven

CVE-2018-11307

Deserialization of Untrusted Data in jackson-databind

Jul 16, 2019

CRITICAL 9.8

Maven

CVE-2017-7525

jackson-databind is vulnerable to a deserialization flaw

Oct 16, 2018

HIGH 7.5

Maven

CVE-2018-12022

jackson-databind Deserialization of Untrusted Data vulnerability

Mar 25, 2019

HIGH 8.1

Maven

CVE-2018-5968

Deserialization of Untrusted Data in jackson-databind

Jun 30, 2020

CRITICAL 9.8

Maven

CVE-2017-17485

jackson-databind vulnerable to remote code execution due to incorrect deserialization and blocklist bypass

Oct 18, 2018

HIGH 8.1

Maven

CVE-2020-35728

Serialization gadget exploit in jackson-databind

Dec 9, 2021

HIGH 8.1

Maven

CVE-2020-36182

Unsafe Deserialization in jackson-databind

Dec 9, 2021

HIGH 8.1

Maven

CVE-2020-36179

Unsafe Deserialization in jackson-databind

Dec 9, 2021

HIGH 7.5

Maven

CVE-2019-14892

Polymorphic deserialization of malicious object in jackson-databind

May 15, 2020

HIGH 8.1

Maven

CVE-2020-36188

Unsafe Deserialization in jackson-databind

Dec 9, 2021

HIGH 8.1

Maven

CVE-2020-36180

Unsafe Deserialization in jackson-databind

Dec 9, 2021

HIGH 8.1

Maven

CVE-2020-36185

Unsafe Deserialization in jackson-databind

Dec 9, 2021

HIGH 8.1

Maven

CVE-2020-36187

Unsafe Deserialization in jackson-databind

Dec 9, 2021

HIGH 8.1

Maven

CVE-2020-24616

Code Injection in jackson-databind

Dec 9, 2021

HIGH 8.1

Maven

CVE-2020-36181

Unsafe Deserialization in jackson-databind

Dec 9, 2021

HIGH 8.1

Maven

CVE-2020-36189

Unsafe Deserialization in jackson-databind

Dec 9, 2021

HIGH 8.1

Maven

CVE-2020-36186

Unsafe Deserialization in jackson-databind

Nov 19, 2021

HIGH 8.1

Maven

CVE-2020-36184

Unsafe Deserialization in jackson-databind

Dec 9, 2021

HIGH 8.1

Maven

CVE-2020-24750

Unsafe Deserialization in jackson-databind

Dec 9, 2021

com.fasterxml.jackson.core:jackson-databind

Vulnerabilities

Uncontrolled Resource Consumption in FasterXML jackson-databind

Deserialization of untrusted data in Jackson Databind

Deserialization of untrusted data in Jackson Databind

jackson-databind mishandles the interaction between serialization gadgets and typing

Unsafe Deserialization in jackson-databind

jackson-databind mishandles the interaction between serialization gadgets and typing

jackson-databind vulnerable to unsafe deserialization

XML External Entity (XXE) Injection in Jackson Databind

jackson-databind possible Denial of Service if using JDK serialization to serialize JsonNode

Deeply nested json in jackson-databind

jackson-databind mishandles the interaction between serialization gadgets and typing

jackson-databind mishandles the interaction between serialization gadgets and typing

Polymorphic deserialization of malicious object in jackson-databind

Server-Side Request Forgery (SSRF) in jackson-databind

jackson-databind mishandles the interaction between serialization gadgets and typing

Deserialization of Untrusted Data in jackson-databind

jackson-databind mishandles the interaction between serialization gadgets and typing

Deserialization of Untrusted Data in jackson-databind due to polymorphic deserialization

Deserialization of untrusted data in Jackson Databind

Deserialization of untrusted data in Jackson Databind

Deserialization of Untrusted Data

jackson-databind mishandles the interaction between serialization gadgets and typing

jackson-databind mishandles the interaction between serialization gadgets and typing

XML External Entity Reference (XXE) in jackson-databind

Uncontrolled Resource Consumption in Jackson-databind

Polymorphic Typing issue in FasterXML jackson-databind

jackson-databind mishandles the interaction between serialization gadgets and typing

Deserialization of untrusted data in jackson-databind

Deserialization of Untrusted Data in jackson-databind

jackson-databind mishandles the interaction between serialization gadgets and typing

Serialization gadgets exploit in jackson-databind

jackson-databind polymorphic typing issue

jackson-databind mishandles the interaction between serialization gadgets and typing

jackson-databind polymorphic typing issue

Arbitrary Code Execution in jackson-databind

Deserialization of Untrusted Data in jackson-databind

Improper Input Validation in jackson-databind

Arbitrary Code Execution in jackson-databind

Polymorphic Typing issue in FasterXML jackson-databind

Deserialization of untrusted data in FasterXML jackson-databind

FasterXML jackson-databind allows unauthenticated remote code execution

Deserialization of untrusted data in FasterXML jackson-databind

Information exposure in FasterXML jackson-databind

com.fasterxml.jackson.core:jackson-databind vulnerable to Deserialization of Untrusted Data

jackson-databind vulnerable to deserialization flaw leading to unauthenticated remote code execution

Deserialization of Untrusted Data in FasterXML jackson-databind

Deserialization of Untrusted Data in jackson-databind

Polymorphic Typing in FasterXML jackson-databind

jackson-databind mishandles the interaction between serialization gadgets and typing

Serialization gadgets exploit in jackson-databind

Deserialization of untrusted data in FasterXML jackson-databind

Deserialization of Untrusted Data in jackson-databind

jackson-databind is vulnerable to a deserialization flaw

jackson-databind Deserialization of Untrusted Data vulnerability

Deserialization of Untrusted Data in jackson-databind

jackson-databind vulnerable to remote code execution due to incorrect deserialization and blocklist bypass

Serialization gadget exploit in jackson-databind

Unsafe Deserialization in jackson-databind

Unsafe Deserialization in jackson-databind

Polymorphic deserialization of malicious object in jackson-databind

Unsafe Deserialization in jackson-databind

Unsafe Deserialization in jackson-databind

Unsafe Deserialization in jackson-databind

Unsafe Deserialization in jackson-databind

Code Injection in jackson-databind

Unsafe Deserialization in jackson-databind

Unsafe Deserialization in jackson-databind

Unsafe Deserialization in jackson-databind

Unsafe Deserialization in jackson-databind

Unsafe Deserialization in jackson-databind

Start Securing