Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/06/30 8:50 p.m.20 views

CVE-2026-54515

A flaw was found in jackson-databind. This vulnerability occurs in the data-binding functionality where properties intended to be ignored are incorrectly restored and become writable again. An attacker could potentially exploit this by providing input that modifies data through these supposedly...

5.3CVSS5.6AI score0.00345EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/06/25 2:19 a.m.8 views

SUSE CVE-2026-54515

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.8.0 until 2.18.9, 2.21.5, and 3.1.4, in BeanDeserializerBase.createContextual, per-property @JsonIgnoreProperties exclusions are applied by handleByNameInclusion, producing a...

5.3CVSS5.8AI score0.00345EPSS
Exploits0References5
Snyk
Snyk
added 2026/06/23 9:23 p.m.5 views

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes in the BeanDeserializerBase.createContextual method, which applies the per-property exclusions through handleByNameInclusion and then rebuilds the property m...

6.9CVSS5.8AI score0.00345EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/23 9:23 p.m.4 views

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview com.fasterxml.jackson.core:jackson-databind is a library which contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object...

6.9CVSS6AI score0.00345EPSS
Exploits0References2
NVD
NVD
added 2026/06/23 9:17 p.m.109 views

CVE-2026-54515

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.8.0 until 2.18.9, 2.21.5, and 3.1.4, in BeanDeserializerBase.createContextual, per-property @JsonIgnoreProperties exclusions are applied by handleByNameInclusion, producing a...

5.3CVSS0.00345EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.13 views

PT-2026-51598

Name of the Vulnerable Software and Affected Versions jackson-databind versions 2.8.0 through 2.18.8 jackson-databind versions 2.21.0 through 2.21.4 jackson-databind versions 3.0.0 through 3.1.3 Description In the createContextual function of BeanDeserializerBase, per-property @JsonIgnoreProperti...

5.3CVSS5.7AI score0.00345EPSS
Exploits0References34
Rows per page
Query Builder