Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fasterxml vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2019-12384
FasterXML jackson-databind 2.x prior to 2.9.9.1 might allow malicious users to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on the classpath content, remote code execution may be possible.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Redhat Enterprise Linux 7.4
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 7.5
Redhat Enterprise Linux 7.6
Redhat Enterprise Linux 7.7
5 Github repositories
5.9
CVSSv3
CVE-2019-12814
A Polymorphic Typing issue exists in FasterXML jackson-databind 2.x up to and including 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has JDOM 1.x or 2.x jar in the classpath, an attacker...
Fasterxml Jackson-databind
Debian Debian Linux 8.0
3 Github repositories
4.7
CVSSv3
CVE-2023-35116
jackson-databind up to and including 2.15.2 allows malicious users to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. NOTE: the vendor's perspective is that this is not a valid vulnerability report, because the steps ...
Fasterxml Jackson-databind
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8