Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.6
CVE-2016-7051
- EPSS 0.54%
- Published 14.04.2017 18:59:00
- Last modified 20.04.2025 01:37:25
XmlMapper in the Jackson XML dataformat component (aka jackson-dataformat-xml) before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors related to a DTD.
9.8
CVE-2016-3720
- EPSS 0.21%
- Published 10.06.2016 15:59:04
- Last modified 12.04.2025 10:46:40
XML external entity (XXE) vulnerability in XmlMapper in the Data format extension for Jackson (aka jackson-dataformat-xml) allows attackers to have unspecified impact via unknown vectors.
1