GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
213 advisories
Polymorphic Typing in FasterXML jackson-databind
Critical
CVE-2019-16942
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Oct 28, 2019
Polymorphic Typing issue in FasterXML jackson-databind
Critical
CVE-2019-14540
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Sep 23, 2019
Deserialization of Untrusted Data in jackson-databind
Critical
CVE-2018-11307
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Jul 16, 2019
XML External Entity Reference (XXE) in jackson-databind
Critical
CVE-2018-14720
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Jan 4, 2019
com.fasterxml.jackson.core:jackson-databind vulnerable to Deserialization of Untrusted Data
Critical
CVE-2018-19362
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Jan 4, 2019
Deserialization of Untrusted Data in jackson-databind due to polymorphic deserialization
Critical
CVE-2018-19360
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Jan 4, 2019
Deserialization of Untrusted Data in Pippo
Critical
CVE-2018-18628
was published
for
ro.pippo:pippo-core
(Maven)
Oct 24, 2018
jackson-databind vulnerable to remote code execution due to incorrect deserialization and blocklist bypass
Critical
CVE-2017-17485
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Oct 18, 2018
jackson-databind vulnerable to deserialization flaw leading to unauthenticated remote code execution
Critical
CVE-2017-15095
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Oct 18, 2018
Deserialization of Untrusted Data in Bouncy castle
Critical
CVE-2018-1000613
was published
for
org.bouncycastle:bcprov-jdk15on
(Maven)
Oct 17, 2018
Apache Tika allows Java code execution for serialized objects embedded in MATLAB files
Critical
CVE-2016-6809
was published
for
org.apache.tika:tika-core
(Maven)
Oct 17, 2018
ProTip!
Advisories are also available from the
GraphQL API