jackson-databind vulnerabilities

Known vulnerabilities in the jackson-databind package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
H Deserialization of Untrusted Data	<2.9.8-3+deb10u5
H Deserialization of Untrusted Data	<2.9.8-3+deb10u4
H Deserialization of Untrusted Data	<2.9.8-3+deb10u4
H Out-of-bounds Write	<2.9.8-3+deb10u4
H Deserialization of Untrusted Data	<2.9.8-3+deb10u3
H Deserialization of Untrusted Data	<2.9.8-3+deb10u3
H Deserialization of Untrusted Data	<2.9.8-3+deb10u3
H Deserialization of Untrusted Data	<2.9.8-3+deb10u3
H Deserialization of Untrusted Data	<2.9.8-3+deb10u3
H Deserialization of Untrusted Data	<2.9.8-3+deb10u3
H Deserialization of Untrusted Data	<2.9.8-3+deb10u3
H Deserialization of Untrusted Data	<2.9.8-3+deb10u3
H Deserialization of Untrusted Data	<2.9.8-3+deb10u3
H Deserialization of Untrusted Data	<2.9.8-3+deb10u3
H Deserialization of Untrusted Data	<2.9.8-3+deb10u3
H Deserialization of Untrusted Data	<2.9.8-3+deb10u3
H Deserialization of Untrusted Data	<2.9.8-3+deb10u3
H Deserialization of Untrusted Data	<2.9.8-3+deb10u3
H Deserialization of Untrusted Data	<2.9.8-3+deb10u3
H XML External Entity (XXE) Injection	<2.9.8-3+deb10u3
H Deserialization of Untrusted Data	<2.9.8-3+deb10u3
H Deserialization of Untrusted Data	<2.9.8-3+deb10u3
H Deserialization of Untrusted Data	<2.9.8-3+deb10u2
H Deserialization of Untrusted Data	<2.9.8-3+deb10u2
H Deserialization of Untrusted Data	<2.9.8-3+deb10u2
H Deserialization of Untrusted Data	<2.9.8-3+deb10u2
H Deserialization of Untrusted Data	<2.9.8-3+deb10u2
H Deserialization of Untrusted Data	<2.9.8-3+deb10u2
H Deserialization of Untrusted Data	<2.9.8-3+deb10u2
H Deserialization of Untrusted Data	<2.9.8-3+deb10u2
H Deserialization of Untrusted Data	<2.9.8-3+deb10u2
H Deserialization of Untrusted Data	<2.9.8-3+deb10u2
H Deserialization of Untrusted Data	<2.9.8-3+deb10u2
H CVE-2020-10673	<2.9.8-3+deb10u2
H CVE-2020-10672	<2.9.8-3+deb10u2
C Deserialization of Untrusted Data	<2.9.8-3+deb10u2
C Deserialization of Untrusted Data	<2.9.8-3+deb10u2
C Deserialization of Untrusted Data	<2.9.8-3+deb10u2
C Deserialization of Untrusted Data	<2.9.8-3+deb10u2
C Deserialization of Untrusted Data	<2.9.8-3+deb10u2
C Deserialization of Untrusted Data	<2.9.8-3+deb10u1
C Deserialization of Untrusted Data	<2.9.8-3+deb10u1
C Deserialization of Untrusted Data	<2.9.8-3+deb10u2
C Deserialization of Untrusted Data	<2.9.8-3+deb10u2
C Deserialization of Untrusted Data	<2.9.8-3+deb10u1
C Deserialization of Untrusted Data	<2.9.8-3+deb10u1
C Deserialization of Untrusted Data	<2.9.8-3+deb10u1
C Deserialization of Untrusted Data	<2.9.8-3+deb10u1
H Deserialization of Untrusted Data	<2.9.8-3+deb10u1
C Improperly Controlled Modification of Dynamically-Determined Object Attributes	<2.9.8-3+deb10u1
M Deserialization of Untrusted Data	<2.9.8-3
M Deserialization of Untrusted Data	<2.9.8-3
H Deserialization of Untrusted Data	<2.9.8-2
C Deserialization of Untrusted Data	<2.9.8-1
H Deserialization of Untrusted Data	<2.9.8-1
H Deserialization of Untrusted Data	<2.9.8-1
C Deserialization of Untrusted Data	<2.9.8-1
C Deserialization of Untrusted Data	<2.9.8-1
C Deserialization of Untrusted Data	<2.9.8-1
C Server-Side Request Forgery (SSRF)	<2.9.8-1
C XML External Entity (XXE) Injection	<2.9.8-1
C Deserialization of Untrusted Data	<2.9.8-1
C Deserialization of Untrusted Data	<2.9.8-1
C Incomplete Blacklist	<2.9.5-1
C Incomplete Blacklist	<2.9.1-1
C Deserialization of Untrusted Data	<2.9.1-1
H Incomplete Blacklist	<2.9.4-1
C Deserialization of Untrusted Data	<2.9.4-1

Vulnerability

Vulnerable Version

Deserialization of Untrusted Data

<2.9.8-3+deb10u5

Deserialization of Untrusted Data

<2.9.8-3+deb10u4

Deserialization of Untrusted Data

<2.9.8-3+deb10u4

Out-of-bounds Write

<2.9.8-3+deb10u4

Deserialization of Untrusted Data

<2.9.8-3+deb10u3