pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-xml

Type maven

Namespace com.fasterxml.jackson.dataformat

Name jackson-dataformat-xml

Known advisories, vulnerabilities and fixes for com.fasterxml.jackson.dataformat/jackson-dataformat-xml package.

Repository: https://mvnrepository.com/artifact/com.fasterxml.jackson.dataformat/jackson-dataformat-xml

Critical 1

High 1

Type	Version	Distribution	# CVEs	# Advisory ID	Title	Severity	Published
Affected	>= 2.8.0, < 2.8.4 < 2.7.8		CVE-2016-7051	MAVEN:GHSA-7C2R-3JQF-C9RW	jackson-dataformat-xml vulnerable to server side request forgery (SSRF)	high	2018-10-18T17:43:28 (6 years ago)
Fixed	= 2.8.4 = 2.7.8		CVE-2016-7051	MAVEN:GHSA-7C2R-3JQF-C9RW	jackson-dataformat-xml vulnerable to server side request forgery (SSRF)	high	2018-10-18T17:43:28 (6 years ago)
Affected	< 2.7.4		CVE-2016-3720	MAVEN:GHSA-HMQ6-FRV3-4727	jackson-dataformat-xml vulnerable to XML external entity (XXE)	critical	2018-10-18T17:43:16 (6 years ago)
Fixed	= 2.7.4		CVE-2016-3720	MAVEN:GHSA-HMQ6-FRV3-4727	jackson-dataformat-xml vulnerable to XML external entity (XXE)	critical	2018-10-18T17:43:16 (6 years ago)