7 matches found
ROOT-APP-MAVEN-CVE-2019-17267 CVE-2019-17267 in io.root.com.fasterxml.jackson.core:jackson-databind - Patched by Root
Root has patched CVE-2019-17267 in the io.root.com.fasterxml.jackson.core:jackson-databind package for Root:Maven. Multiple fixed versions available...
Advisory ROSA-SA-2026-3187
Software: jackson-databind 2.10.0 OS: ROSA Virtualization 2.1 unaffected versions = jackson-databind-2.10.0-1.0.2.rv3 affected versions jackson-databind-2.10.0-1.0.2.rv3 CVE-ID: CVE-2020-25649 BDU-ID: 2022-05602 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the DOMDeserializer component of the...
Security Bulletin: Vulnerability In Jackson Databind library shipped with IBM Global Mailbox (CVE-2020-25649)
Summary Security vulnerability have been Identified In Jackson Databind library shipped with IBM Global Mailbox Vulnerability Details CVEID: CVE-2020-25649 DESCRIPTION: FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly. ...
Security Bulletin: Multiple security vulnerabilities have been identified In Jackson Databind library shipped with IBM Global Mailbox (CVE-2019-14892, CVE-2019-14893)
Summary Multiple security vulnerabilities have been identified In Jackson Databind library shipped with IBM Global Mailbox CVE-2019-14892, CVE-2019-14893 Vulnerability Details CVEID: CVE-2019-14892 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on...
The vulnerability of the logback-core class in the QOS.ch file of the Jackson-databind library allows a hacker to execute arbitrary code.
The vulnerability of the logback-core class in the QOS.ch file of the Jackson-databind library is related to the recovery of unreliable data in memory. Exploiting this vulnerability may allow a remote attacker to execute arbitrary code...
The vulnerability of the Jackson-databind library, related to deficiencies in the deserialization mechanism, allows attackers to execute arbitrary code.
The vulnerability of the Jackson-databind library is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code...
GHSA-9MXF-G3X6-WV74 Server-Side Request Forgery (SSRF) in jackson-databind
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery SSRF attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization...