Описание
A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libjackson-json-java | fixed | 1.9.13-2 | package | |
| libjackson-json-java | fixed | 1.9.13-2~deb10u1 | buster | package |
Примечания
https://bugzilla.redhat.com/show_bug.cgi?id=1715075
https://stackoverflow.com/questions/38017676/small-fix-for-cve-2016-3720-with-older-versions-of-jackson-all-1-9-11-and-in-ja/38017721
https://github.com/FasterXML/jackson-1/pull/1
Связанные уязвимости
A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes.
A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes.
A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes.
Improper Restriction of XML External Entity Reference in jackson-mapper-asl
Уязвимость компонента org.codehaus.jackson библиотеки jackson-mapper-asl, позволяющая нарушителю оказать воздействие на целостность данных