Max CVSS 7.5 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-14379 7.5
SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.
22-04-2022 - 16:03 29-07-2019 - 12:15
CVE-2019-16869 5.0
Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), which leads to HTTP request smuggling.
30-03-2022 - 14:21 26-09-2019 - 16:15
CVE-2019-16942 7.5
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.
20-07-2021 - 23:15 01-10-2019 - 17:15
CVE-2019-12384 4.3
FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on the classpath content, remote code execution may be
20-10-2020 - 22:15 24-06-2019 - 16:15
CVE-2019-16869 5.0
Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), which leads to HTTP request smuggling.
25-09-2020 - 00:15 26-09-2019 - 16:15
Back to Top Mark selected
Back to Top