CVE-2016-3720

CVSS v3.1 9.8 (Critical)

CVSS v2.0 7.5 (High)

EPSS 0.22 % (60^th)

Affected Products 2

Advisories 4

XML external entity (XXE) vulnerability in XmlMapper in the Data format extension for Jackson (aka jackson-dataformat-xml) allows attackers to have unspecified impact via unknown vectors.

Weaknesses

CWE-NVD-noinfo

Related CVEs

CVE-2019-10172

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2016-06-10 15:59:04
(8 years ago)
Updated Date: 2019-10-10 12:18:55
(5 years ago)

Affected Products

Fasterxml

Jackson-dataformat-xml

Fedoraproject

Fedora

Configuration #1

		CPE23	From	Up To
	Fedoraproject Fedora 24	cpe:2.3:o:fedoraproject:fedora:24

Configuration #2

		CPE23	From	Up To
	Fasterxml Jackson-dataformat-xml 2.7.3 and prior versions	cpe:2.3:a:fasterxml:jackson-dataformat-xml		<= 2.7.3