Lucene search
K

3722 matches found

OSV
OSV
added yesterday9 views

ROOT-APP-MAVEN-CVE-2026-54512 CVE-2026-54512 in io.root.com.fasterxml.jackson.core:jackson-databind - Patched by Root

Root has patched CVE-2026-54512 in the io.root.com.fasterxml.jackson.core:jackson-databind package for Root:Maven. Multiple fixed versions available...

8.1CVSS5.8AI score0.00617EPSS
Exploits1
OSV
OSV
added yesterday10 views

ROOT-APP-MAVEN-CVE-2026-54513 CVE-2026-54513 in io.root.com.fasterxml.jackson.core:jackson-databind - Patched by Root

Root has patched CVE-2026-54513 in the io.root.com.fasterxml.jackson.core:jackson-databind package for Root:Maven. Multiple fixed versions available...

8.1CVSS5.8AI score0.00695EPSS
Exploits0
Nuclei
Nuclei
added yesterday27 views

FasterXML jackson-databind - Deserialization Remote Code Execution

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig aka ibatis-sqlmap. This vulnerability allows attackers to execute arbitrary code through deserialization of...

9.8CVSS7.3AI score0.18671EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday115 views

FasterXML Jackson Databind <=2.9.10.4 - Remote Code Execution

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig aka anteros-core. id: CVE-2020-9548 info: name: FasterXML Jackson Databind =2.9.10.4 - Remote Code Execution author: tomaquet18...

9.8CVSS7AI score0.18345EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 6 days ago7 views

jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass

A flaw was found in jackson-databind. This vulnerability allows a remote attacker to bypass the PolymorphicTypeValidator PTV when polymorphic typing is enabled and a type identifier contains generic parameters. By crafting a malicious type ID, an attacker can place a denied class as a generic typ...

8.1CVSS6.2AI score0.00617EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 6 days ago4 views

jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution

A flaw was found in jackson-databind, a library used for processing data. This vulnerability allows an attacker to bypass security controls designed to validate data types. By sending specially crafted input, an attacker can force the system to process untrusted data, which may lead to the...

8.1CVSS6AI score0.00695EPSS
Exploits0References10
IBM Security Bulletins
IBM Security Bulletins
added 6 days ago9 views

Security Bulletin: Denial of Service Vulnerability in jackson-core affect IBM Cloud Pak System[WS-2022-0468]

Summary Denial of Service Vulnerability in jackson-core was addressed in IBM Cloud Pak System version 2.3.6.0 and IBM Cloud Pak System version 2.3.5.1 BYOH on power. Vulnerability Details ID:WS-2022-0468 DESCRIPTION: The jackson-core package is vulnerable to a Denial of Service DoS attack. The...

6AI score
Exploits0Affected Software3
OSV
OSV
added last week15 views

ROOT-APP-MAVEN-CVE-2022-42004 CVE-2022-42004 in io.root.com.fasterxml.jackson.core:jackson-databind - Patched by Root

Root has patched CVE-2022-42004 in the io.root.com.fasterxml.jackson.core:jackson-databind package for Root:Maven. Multiple fixed versions available...

7.5CVSS6.7AI score0.02706EPSS
Exploits1
OSV
OSV
added last week19 views

ROOT-APP-MAVEN-CVE-2022-42003 CVE-2022-42003 in io.root.com.fasterxml.jackson.core:jackson-databind - Patched by Root

Root has patched CVE-2022-42003 in the io.root.com.fasterxml.jackson.core:jackson-databind package for Root:Maven. Multiple fixed versions available...

7.5CVSS6.8AI score0.02706EPSS
Exploits2
OSV
OSV
added last week9 views

ROOT-APP-MAVEN-CVE-2020-36518 CVE-2020-36518 in io.root.com.fasterxml.jackson.core:jackson-databind - Patched by Root

Root has patched CVE-2020-36518 in the io.root.com.fasterxml.jackson.core:jackson-databind package for Root:Maven. Multiple fixed versions available...

7.5CVSS6.8AI score0.0486EPSS
Exploits1
OSV
OSV
added last week10 views

ROOT-APP-MAVEN-CVE-2021-46877 CVE-2021-46877 in io.root.com.fasterxml.jackson.core:jackson-databind - Patched by Root

Root has patched CVE-2021-46877 in the io.root.com.fasterxml.jackson.core:jackson-databind package for Root:Maven. Multiple fixed versions available...

7.5CVSS7.1AI score0.01124EPSS
Exploits1
OSV
OSV
added last week11 views

ROOT-APP-MAVEN-CVE-2020-25649 CVE-2020-25649 in io.root.com.fasterxml.jackson.core:jackson-databind - Patched by Root

Root has patched CVE-2020-25649 in the io.root.com.fasterxml.jackson.core:jackson-databind package for Root:Maven. Multiple fixed versions available...

7.5CVSS6.7AI score0.17611EPSS
Exploits0
OSV
OSV
added 2026/07/02 6:28 a.m.8 views

ROOT-APP-MAVEN-GHSA-72HV-8253-57QQ GHSA-72hv-8253-57qq in io.root.com.fasterxml.jackson.core:jackson-core - Patched by Root

Root has patched GHSA-72hv-8253-57qq in the io.root.com.fasterxml.jackson.core:jackson-core package for Root:Maven. Multiple fixed versions available...

5.8AI score
Exploits0
OSV
OSV
added 2026/07/02 6:19 a.m.16 views

ROOT-APP-MAVEN-CVE-2025-52999 CVE-2025-52999 in io.root.com.fasterxml.jackson.core:jackson-core - Patched by Root

Root has patched CVE-2025-52999 in the io.root.com.fasterxml.jackson.core:jackson-core package for Root:Maven. Multiple fixed versions available...

8.7CVSS7.2AI score0.00634EPSS
Exploits0
Patchstack
Patchstack
added 2026/07/01 4:54 p.m.6 views

WordPress ThumbPress plugin <= 6.3.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Denver Jackson in WordPress Plugin ThumbPress versions = 6.3.2...

4.3CVSS5.8AI score0.00203EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/07/01 9:2 a.m.2 views

OPENSUSE-SU-2026:21201-1 Security update for jackson-annotations, jackson-core, jackson-databind

This update for jackson-annotations, jackson-core, jackson-databind fixes the following issues - CVE-2026-54512: jackson-databind has a PolymorphicTypeValidator bypass via generic type parameters that allows arbitrary class instantiation bsc1268897. - CVE-2026-54513: jackson-databind has an array...

8.1CVSS6.1AI score0.00695EPSS
Exploits1References9
OSV
OSV
added 2026/07/01 8:56 a.m.2 views

SUSE-SU-2026:22504-1 Security update for jackson-annotations, jackson-core, jackson-databind

This update for jackson-annotations, jackson-core, jackson-databind fixes the following issues - CVE-2026-54512: jackson-databind has a PolymorphicTypeValidator bypass via generic type parameters that allows arbitrary class instantiation bsc1268897. - CVE-2026-54513: jackson-databind has an array...

8.1CVSS6.1AI score0.00695EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2026/06/30 10:29 p.m.8 views

CVE-2026-50193

A flaw was found in jackson-databind, a general-purpose data-binding library for Jackson Data Processor. A remote attacker can exploit this vulnerability by sending deeply nested JSON JavaScript Object Notation data to a service that reads and processes it. This can lead to a Denial of Service Do...

7.5CVSS5.7AI score0.00616EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/06/30 9:36 p.m.17 views

CVE-2026-54516

A flaw was found in jackson-databind. This vulnerability allows a remote attacker to bypass security controls by exploiting an issue in how properties are handled when both @JsonProperty for renaming and @JsonIgnore for ignoring annotations are used. By supplying a specially crafted JSON key, an...

5.3CVSS5.7AI score0.00282EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/30 9:32 p.m.17 views

CVE-2026-54517

A flaw was found in jackson-databind. A remote attacker can exploit this vulnerability due to an issue in how active-view @JsonView filters are applied. Specifically, setterless collections annotated with a restricted @JsonView can be populated from attacker-controlled JSON even when the active...

5.3CVSS5.7AI score0.00237EPSS
Exploits0References8
Rows per page
Query Builder