FasterXML/jackson-dataformat-xml

Releases188

Frequency3 weeks 6 days

Last Release 18 days ago

Stars624

Extension for Jackson JSON processor that adds support for serializing POJOs as XML (and deserializing from XML) as an alternative to JSON

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2016-7051 ↗	Apr 14, 2017Friday, 14 April 2017, 18:59	8.6 HIGH	5 MEDIUM
XmlMapper in the Jackson XML dataformat component (aka jackson-dataformat-xml) before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors related to a DTD.