Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8
CVE-2017-15095
- EPSS 7.41%
- Published 06.02.2018 15:29:00
- Last modified 21.11.2024 03:14:03
A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMappe...
9.8
CVE-2017-7525
- EPSS 77.34%
- Published 06.02.2018 15:29:00
- Last modified 21.11.2024 03:32:04
A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the Obj...
6.2
CVE-2017-15707
- EPSS 2.48%
- Published 01.12.2017 16:29:00
- Last modified 20.04.2025 01:37:25
In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload.
1