Fasterxml Jackson-dataformat-xml — known CVE vulnerabilities
Every CVE whose affected-product data names Fasterxml Jackson-dataformat-xml, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2016-3720 — CVSS 9.8 (critical): XML external entity (XXE) vulnerability in XmlMapper in the Data format extension for Jackson (aka jackson-dataformat-xml) allows attackers…
CVE-2016-7051 — CVSS 8.6 (high): XmlMapper in the Jackson XML dataformat component (aka jackson-dataformat-xml) before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers…