Max CVSS 7.5 Min CVSS 7.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2018-14718 7.5
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.
21-05-2021 - 15:30 02-01-2019 - 18:29
CVE-2018-14719 7.5
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.
21-05-2021 - 15:22 02-01-2019 - 18:29
CVE-2018-14721 7.5
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.
31-08-2020 - 14:15 02-01-2019 - 18:29
CVE-2018-14720 7.5
FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.
31-08-2020 - 14:15 02-01-2019 - 18:29
Back to Top Mark selected
Back to Top