CVEs (2)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Fasterxml 1Jackson Dataformat Xml May 13, 2026 Apr 14, 2017 N/A· v4 8.6 HIGH· v3 5.0 MEDIUM· v2 XmlMapper in the Jackson XML dataformat component (aka jackson-dataformat-xml) before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors related to a DT...Show more |
2Fasterxml Fedoraproject2Fedora Jackson Dataformat XmlMay 6, 2026 Jun 10, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 XML external entity (XXE) vulnerability in XmlMapper in the Data format extension for Jackson (aka jackson-dataformat-xml) allows attackers to have unspecified impact via unknown vectors. |