CVE-2016-7051
Published
CVSS v3
8.6
HIGH
CVSS v2
5
MEDIUM
Affected
1
PROJECT
Description
XmlMapper in the Jackson XML dataformat component (aka jackson-dataformat-xml) before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors related to a DTD.
Extension for Jackson JSON processor that adds support for serializing POJOs as XML (and deserializing from XML) as an alternative to JSON
GitHub