Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5
CVE-2020-25649
- EPSS 0.01%
- Published 03.12.2020 17:15:12
- Last modified 21.11.2024 05:18:20
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.
6.1
CVE-2019-10219
- EPSS 1.67%
- Published 08.11.2019 15:15:11
- Last modified 07.07.2025 14:15:21
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
7.5
CVE-2019-10086
- EPSS 0.26%
- Published 20.08.2019 21:15:12
- Last modified 21.11.2024 04:18:22
In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by defa...
1