sonatype-2016-0593

sonatype-2016-0593

com.fasterxml.jackson.core:jackson-databind - Ensure DOM parsing defaults to not expanding external entities

Published May 29, 2019

CVSS ScoreMedium

6.3

sonatype-2016-0593

com.fasterxml.jackson.core:jackson-databind - Ensure DOM parsing defaults to not expanding external entities

Published May 29, 2019

CVSS ScoreMedium

6.3

CVE ID: sonatype-2016-0593
CWE: N/A
CVE Description: com.fasterxml.jackson.core:jackson-databind - Ensure DOM parsing defaults to not expanding external entities
Published: May 29, 2019
CVSS Score & Severity: 6.3Medium
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
EPSS Score: 0%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Vulnerable Methods: com/fasterxml/jackson/databind/ext/DOMDeserializer.parse(Ljava/lang/String;)Lorg/w3c/dom/Document;
JVMVulnerable params: 0
Affected Ecosystems: affected
Source: Sonatype
References: GitHub · Issue #1279PROJECT

CVE ID: sonatype-2016-0593
CWE: N/A
CVE Description: com.fasterxml.jackson.core:jackson-databind - Ensure DOM parsing defaults to not expanding external entities
Published: May 29, 2019
CVSS Score & Severity: 6.3Medium
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
EPSS Score: 0%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Vulnerable Methods: com/fasterxml/jackson/databind/ext/DOMDeserializer.parse(Ljava/lang/String;)Lorg/w3c/dom/Document;
JVMVulnerable params: 0
Affected Ecosystems: affected
Source: Sonatype
References: GitHub · Issue #1279PROJECT

Find vulnerabilities. Fix fast with AI.