Lucene search
K

7 matches found

Github Security Blog
Github Security Blog
added 2018/10/18 5:43 p.m.76 views

jackson-dataformat-xml vulnerable to XML external entity (XXE)

XML external entity XXE vulnerability in XmlMapper in the Data format extension for Jackson aka jackson-dataformat-xml allows attackers to have unspecified impact via unknown vectors...

9.8CVSS6.9AI score0.0278EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2016/06/10 3:59 p.m.32 views

Xxe

XML external entity XXE vulnerability in XmlMapper in the Data format extension for Jackson aka jackson-dataformat-xml allows attackers to have unspecified impact via unknown vectors...

7.5CVSS7.1AI score0.0278EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2016/06/10 3:0 p.m.53 views

CVE-2016-3720

XML external entity XXE vulnerability in XmlMapper in the Data format extension for Jackson aka jackson-dataformat-xml allows attackers to have unspecified impact via unknown vectors...

7.6AI score0.0278EPSS
Exploits0References1
CVE
CVE
added 2016/06/10 3:0 p.m.205 views

CVE-2016-3720

CVE-2016-3720 describes an XML External Entity (XXE) vulnerability in Jackson’s Data format extension, jackson-dataformat-xml, specifically in XmlMapper. The connected documents corroborate a related XXE issue affecting jackson-mapper-asl and related Codehaus Jackson libraries, and reference warn...

9.8CVSS8.5AI score0.0278EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2016/06/10 3:0 p.m.54 views

CVE-2016-3720

XML external entity XXE vulnerability in XmlMapper in the Data format extension for Jackson aka jackson-dataformat-xml allows attackers to have unspecified impact via unknown vectors...

9.8CVSS7.1AI score0.0278EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2016/05/04 8:19 a.m.32 views

CVE-2016-3720

XML external entity XXE vulnerability in XmlMapper in the Data format extension for Jackson aka jackson-dataformat-xml allows attackers to have unspecified impact via unknown vectors...

7.5CVSS7.4AI score0.0278EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2014/08/13 9:32 p.m.7 views

openssl: race condition in ssl_parse_serverhello_tlsext

A race condition was found in the way OpenSSL handled ServerHello messages with an included Supported EC Point Format extension. A malicious server could possibly use this flaw to cause a multi-threaded TLS/SSL client using OpenSSL to write into freed memory, causing the client to crash or execut...

6.8CVSS6.9AI score0.13359EPSS
Exploits0References5
Rows per page
Query Builder