CVE security advisories and vulnerability history for jackson-databind by fasterxml.
70
Total CVEs
Published
0
In CISA KEV
Exploited in the wild
1
Public exploits
With known exploit
8.3
Avg CVSS
2018–2023
Last updated
Overview
fasterxml jackson-databind has 70 published CVE records since 2018, of which 0 are in CISA's Known Exploited Vulnerabilities catalog and 1 have a known public exploit. The average CVSS base score across scored CVEs is 8.3.
This page aggregates every publicly disclosed vulnerability (CVE) affecting fasterxml jackson-databind, with a severity breakdown, the affected and patched versions, the most common weakness types, and the full CVE list.
Severity and exploitation
How the CVSS severity of fasterxml jackson-databind's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.
Critical1
High20
Medium1
Low0
48 additional CVEs have no CVSS severity score.
In CISA’s Known Exploited Vulnerabilities catalog
0
None of fasterxml jackson-databind's CVEs are currently listed in CISA's KEV catalog.
Public exploits
1
One of fasterxml jackson-databind's CVEs has a known public exploit available.
Affected versions and CVEs
Browse every fasterxml jackson-databind version named in a CVE, then pick one to see only the CVEs that affect it.
Common questions about fasterxml jackson-databind vulnerabilities.
How many CVEs does fasterxml jackson-databind have?
fasterxml jackson-databind has 70 published CVE records since 2018.
How many fasterxml jackson-databind CVEs are in CISA KEV?
None of fasterxml jackson-databind's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.
Are there public exploits for fasterxml jackson-databind vulnerabilities?
Yes — 1 of fasterxml jackson-databind's CVEs have a known public exploit.
Which versions of fasterxml jackson-databind are affected?
316 distinct fasterxml jackson-databind versions are named across its CVEs. Use the version filter above to see the CVEs affecting a specific version.
What are the most common weakness types in fasterxml jackson-databind CVEs?
fasterxml jackson-databind's CVEs most often map to these CWE weakness types: CWE-502 (Deserialization of Untrusted Data), CWE-184 (Incomplete List of Disallowed Inputs), CWE-611 (Improper Restriction of XML External Entity Reference), CWE-770 (Allocation of Resources Without Limits or Throttling).
How many critical fasterxml jackson-databind vulnerabilities are there?
fasterxml jackson-databind has 1 critical and 20 high-severity CVEs.
What is the average severity of fasterxml jackson-databind CVEs?
The average CVSS base score across fasterxml jackson-databind's scored CVEs is 8.3.
