Jackson Databind
Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:jackson-databind:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Jackson Databind (0d1e6a22-a44a-59b3-80e7-e48a296cdfc9) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-20190 |
vulnerable | 2026-06-08 05:29:08.669147 |
Details available
A flaw was found in jackson-databind before 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Published: 2021-01-19T16:27:58.000Z
Updated: 2025-08-27T20:36:03.139Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-25649 |
vulnerable | 2026-06-08 05:22:37.036433 |
Details available
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.
Published: 2020-12-03T16:16:50.000Z
Updated: 2024-08-04T15:40:36.648Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.