Search CVE reports
1 – 3 of 3 results
Some fixes available 2 of 5
A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes.
1 affected package
libjackson-json-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjackson-json-java | Not affected | Not affected | Needs evaluation | Needs evaluation |
Some fixes available 6 of 10
A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the...
2 affected packages
jackson-databind, libjackson-json-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| jackson-databind | Not affected | Not affected | Not affected | Not affected |
| libjackson-json-java | Not affected | Not affected | Needs evaluation | Needs evaluation |
Some fixes available 6 of 9
A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue...
2 affected packages
jackson-databind, libjackson-json-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| jackson-databind | Not affected | Not affected | Not affected | Not affected |
| libjackson-json-java | Not affected | Not affected | Needs evaluation | Needs evaluation |