RSS   Vulnerabilities for 'Jackson-dataformat-xml'   RSS

2017-04-14
 
CVE-2016-7051

CWE-918
 

 
XmlMapper in the Jackson XML dataformat component (aka jackson-dataformat-xml) before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors related to a DTD.

 
2016-06-10
 
CVE-2016-3720

CWE-noinfo
 

 
XML external entity (XXE) vulnerability in XmlMapper in the Data format extension for Jackson (aka jackson-dataformat-xml) allows attackers to have unspecified impact via unknown vectors.

 

 >>> Vendor: Fasterxml 5 Products
Jackson
Jackson-databind
Jackson-dataformat-xml
Jackson-mapper-asl
Jackson-dataformats-binary


Copyright 2024, cxsecurity.com

 

Back to Top