Known Vulnerabilities for products from Fasterxml
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Fasterxml".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34480 json | Not Provided | 2026-04-10 | 2026-04-10 | |
| CVE-2023-35116 json | ** DISPUTED ** jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via ... | 4.7 - MEDIUM | 2023-06-14 | 2023-12-07 |
| CVE-2023-3894 json | Those using jackson-dataformats-text to parse TOML data may be vulnerable to Denial of Service attacks (DOS). If the parser i... | 7.5 - HIGH | 2023-08-08 | 2023-08-15 |
| CVE-2022-42004 json | In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._... | 7.5 - HIGH | 2022-10-02 | 2022-12-02 |
| CVE-2022-42003 json | In FasterXML jackson-databind before 2.14.0-rc1, resource exhaustion can occur because of a lack of a check in primitive valu... | 7.5 - HIGH | 2022-10-02 | 2023-12-20 |
| CVE-2022-40152 json | Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks (DOS) if DTD support is enabled. If the... | 7.5 - HIGH | 2022-09-16 | 2023-02-09 |
| CVE-2021-46877 json | jackson-databind 2.10.x through 2.12.x before 2.12.6 and 2.13.x before 2.13.1 allows attackers to cause a denial of service (... | 7.5 - HIGH | 2023-03-18 | 2023-08-08 |
| CVE-2021-20190 json | A flaw was found in jackson-databind before 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and ... | 8.1 - HIGH | 2021-01-19 | 2023-11-07 |
| CVE-2020-36518 json | jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested object... | 7.5 - HIGH | 2022-03-11 | 2022-11-29 |
| CVE-2020-36189 json | FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related t... | 8.1 - HIGH | 2021-01-06 | 2023-09-13 |
| CVE-2020-36188 json | FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related t... | 8.1 - HIGH | 2021-01-06 | 2023-09-13 |
| CVE-2020-36187 json | FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related t... | 8.1 - HIGH | 2021-01-06 | 2023-09-13 |
| CVE-2020-36186 json | FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related t... | 8.1 - HIGH | 2021-01-06 | 2023-09-13 |
| CVE-2020-36185 json | FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related t... | 8.1 - HIGH | 2021-01-06 | 2023-09-13 |
| CVE-2020-36184 json | FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related t... | 8.1 - HIGH | 2021-01-06 | 2023-09-13 |
| CVE-2020-36183 json | FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related t... | 8.1 - HIGH | 2021-01-07 | 2023-09-13 |
| CVE-2020-36182 json | FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related t... | 8.1 - HIGH | 2021-01-07 | 2023-09-13 |
| CVE-2020-36181 json | FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related t... | 8.1 - HIGH | 2021-01-06 | 2023-09-13 |
| CVE-2020-36180 json | FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related t... | 8.1 - HIGH | 2021-01-07 | 2023-09-13 |
| CVE-2020-36179 json | FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related t... | 8.1 - HIGH | 2021-01-07 | 2023-11-07 |
Known software with vulnerabilities from Fasterxml
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Fasterxml | Jackson | - |
| Application | Fasterxml | Jackson-databind | 2.0.0 |
| Application | Fasterxml | Jackson-dataformat-xml | 2.0.0 |
| Application | Fasterxml | Jackson-mapper-asl | 1.9.0 |
| Application | Fasterxml | Jackson-modules-java8 | 2.10.0 |