`com.fasterxml.jackson.core:jackson-databind`

Ecosystem:
maven

Package URL:
pkg:maven/com.fasterxml.jackson.core:jackson-databind

Total PRs:
2,270 Dependabot PRs

Latest PR:
about 15 hours ago

Unique Repositories:
872 repositories

Unique Repos (30 days):
291 repositories

Security Advisories

jackson-databind mishandles the interaction between serialization gadgets and typing

GHSA-758m-v56v-grj4 CVE-2020-10969 HIGH published over 5 years ago • updated 4 months ago

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorP...

Deserialization of Untrusted Data in jackson-databind due to polymorphic deserialization

GHSA-f9hv-mg5h-xcw9 CVE-2018-19360 CRITICAL published over 6 years ago • updated about 2 months ago

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms...

Deserialization of untrusted data in Jackson Databind

GHSA-mc6h-4qgp-37qh CVE-2020-14195 HIGH published over 5 years ago • updated about 2 months ago

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm....

jackson-databind mishandles the interaction between serialization gadgets and typing

GHSA-q93h-jc49-78gg CVE-2020-9547 CRITICAL published over 5 years ago • updated about 2 months ago

FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related ...

jackson-databind vulnerable to deserialization flaw leading to unauthenticated remote code execution

GHSA-h592-38cm-4ggp CVE-2017-15095 CRITICAL published almost 7 years ago • updated about 1 month ago

jackson-databind in versions prior to 2.8.11 and 2.9.4 contain a deserialization flaw which allows an unauthenticated user to perform code executio...

View all 69 advisories

Recent PRs

RSS Feed

Bump the backend group across 1 directory with 15 updates

seism0saurus/glacier #167

2.19.0 → 2.20.0 Minor PR

Open about 15 hours ago

chore(deps): bump the maven-version-updates group across 1 directory with 21 updates

zitadel/client-java #104

2.19.2 → 2.20.0 Minor PR

Open about 21 hours ago

Bump com.fasterxml.jackson.core:jackson-databind from 2.15.2 to 2.20.0

linpeilie/switch-environments #12

2.15.2 → 2.20.0 Minor PR

Open 1 day ago

Bump the fasterxml group across 1 directory with 4 updates

archivesatncbs/ancbs-collections-backend #33

2.18.2 → 2.20.0 Minor PR

Open 1 day ago

Bump the jackson group with 6 updates

VEuPathDB/lib-jersey-multipart-jackson-pojo #25

2.19.2 → 2.20.0 Minor PR

Open 1 day ago

Bump the third-party group across 1 directory with 26 updates

openziti/ziti-sdk-jvm #718

2.19.2 → 2.20.0 Minor PR

Open 1 day ago

Bump the jackson group with 7 updates

VEuPathDB/lib-jaxrs-container-core #86

2.19.2 → 2.20.0 Minor PR

Open 1 day ago

Bump the dependencies group with 15 updates

pf-wikis/bots #97

2.19.1 → 2.20.0 Minor PR

Open 1 day ago

Bump com.fasterxml.jackson.core:jackson-databind from 2.18.2 to 2.20.0

MrKuip/commons-fx #6

2.18.2 → 2.20.0 Minor PR

Open 1 day ago

Bump the fasterxml group across 1 directory with 4 updates

ciscocarvalho/DSpace7 #30

2.18.3 → 2.20.0 Minor PR

Open 1 day ago

chore(deps): bump the gradle-dependencies group across 1 directory with 2 updates

AllayMC/StateUpdater #5

2.17.2 → 2.20.0 Minor PR

Open 1 day ago

Bump the java-production-dependencies group across 1 directory with 13 updates

SuGotLand/Cryptomator_crack #16

2.18.3 → 2.20.0 Minor PR

Open 1 day ago

chore(deps): bump the gradle-dependencies group with 3 updates

AllayMC/StateUpdater #4

2.17.2 → 2.20.0 Minor PR

Open 2 days ago

Bump the patches group with 18 updates

telicent-oss/smart-cache-entity-resolution #148

2.19.2 → 2.20.0 Minor PR

Merged 2 days ago 1 comment

chore(deps): Bump com.fasterxml.jackson.core:jackson-databind from 2.18.4 to 2.20.0

vemikrs/jackson-databind-jsonc #58

2.18.4 → 2.20.0 Minor PR

Open 3 days ago

Bump the jackson group with 6 updates

VEuPathDB/lib-jersey-multipart-jackson-pojo #18

2.19.0 → 2.20.0 Minor PR

Merged 4 days ago

chore(deps): bump the all-dependencies group across 1 directory with 8 updates

hmcts/service-cp-refdata-courthearing-judges #154

2.19.2 → 2.20.0 Minor PR

Open 4 days ago 2 comments

Bump the backend group across 1 directory with 14 updates

seism0saurus/glacier #165

2.19.0 → 2.20.0 Minor PR

Closed 5 days ago 1 comment

chore(deps): bump com.fasterxml.jackson.core:jackson-databind from 2.17.2 to 2.20.0

ZaliczTo-PL/simpay-java-sdk #5

2.17.2 → 2.20.0 Minor PR

Open 5 days ago

chore(deps): bump the all-dependencies group across 1 directory with 9 updates

hmcts/service-cp-crime-courthearing-cases #71

2.19.2 → 2.20.0 Minor PR

Open 5 days ago

Bump the all-dependencies group across 1 directory with 29 updates

digicert/domain-control-validation #84

2.19.0 → 2.20.0 Minor PR

Open 5 days ago

Bump the minor-and-patch group across 1 directory with 20 updates

basis-technology-corp/open-source-parent #190

2.19.2 → 2.20.0 Minor PR

Open 5 days ago

Bump com.fasterxml.jackson.core:jackson-databind from 2.12.4 to 2.12.7.1 in /klab.hub

integratedmodelling/klab #270

2.12.4 → 2.12.7.1 Patch PR

Open 6 days ago

chore(deps): bump the all-dependencies group across 1 directory with 8 updates

hmcts/service-cp-refdata-courthearing-courthouses #82

2.19.2 → 2.20.0 Minor PR

Closed 6 days ago 1 comment

Bump the kotlin group across 1 directory with 12 updates

Buried-In-Code/Bookshelf #190

2.19.2 → 2.20.0 Minor PR

Open 6 days ago

Bump the jars group across 1 directory with 20 updates

target/emoji_manager #161

2.19.1 → 2.20.0 Minor PR

Open 6 days ago 1 comment

chore(deps): bump the all-dependencies group across 1 directory with 8 updates

hmcts/service-cp-crime-courthearing-cases #70

2.19.2 → 2.20.0 Minor PR

Open 6 days ago

chore(deps): bump the all-dependencies group across 1 directory with 7 updates

hmcts/service-cp-refdata-courthearing-judges #153

2.19.2 → 2.20.0 Minor PR

Closed 6 days ago 1 comment

Bump the dependencies group across 1 directory with 4 updates

simonmarty/aws-secretsmanager-jdbc #84

2.19.0 → 2.20.0 Minor PR

Merged 7 days ago

Bump the testcontainers group across 1 directory with 3 updates

DavideD/hibernate-reactive #109

2.19.2 → 2.20.0 Minor PR

Open 7 days ago

Bump the testcontainers group across 1 directory with 3 updates

DavideD/hibernate-reactive #107

2.19.2 → 2.20.0 Minor PR

Open 7 days ago

Bump the kotlin group across 1 directory with 10 updates

Buried-In-Code/Bookshelf #189

2.19.2 → 2.20.0 Minor PR

Open 8 days ago 1 comment

chore(deps): bump the maven-version-updates group across 1 directory with 19 updates

zitadel/client-java #103

2.19.2 → 2.20.0 Minor PR

Closed 8 days ago 1 comment

chore(deps): bump the all-deps group across 1 directory with 13 updates

bitshifted/reflex #98

2.19.1 → 2.20.0 Minor PR

Open 8 days ago

Bump the dependencies group across 1 directory with 11 updates

aws/aws-secretsmanager-jdbc #288

2.18.3 → 2.20.0 Minor PR

Open 8 days ago

chore(deps): bump the low-risk group across 1 directory with 21 updates

Ensono/stacks-java-cqrs #774

2.19.2 → 2.20.0 Minor PR

Open 8 days ago 1 comment

deps(java): bump the all group across 1 directory with 19 updates

Canner/wren-engine #1326

2.19.1 → 2.20.0 Minor PR

Open 8 days ago

Bump the patches group across 1 directory with 17 updates

telicent-oss/smart-caches-core #198

2.19.2 → 2.20.0 Minor PR

Merged 8 days ago

chore(deps): Bump the all group across 1 directory with 36 updates

risingwavelabs/risingwave #23279

2.19.2 → 2.20.0 Minor PR

Closed 8 days ago 1 comment

Bump com.fasterxml.jackson.core:jackson-databind from 2.12.3 to 2.12.7.1

hazelcast/hazelcast-remote-controller #79

2.12.3 → 2.12.7.1 Patch PR

Open 8 days ago

Bump the gradle-dependencies group with 7 updates

meilisearch/meilisearch-java #898

2.19.0 → 2.20.0 Minor PR

Open 8 days ago

Bump the production-dependencies group across 1 directory with 23 updates

nitrite/nitrite-java #1160

2.19.2 → 2.20.0 Minor PR

Open 8 days ago 2 comments

build(deps): bump the patches group across 1 directory with 45 updates

National-Digital-Twin/secure-agents-lib #26

2.18.3 → 2.20.0 Minor PR

Open 8 days ago 1 comment

Bump the third-party group with 24 updates

openziti/ziti-sdk-jvm #717

2.19.2 → 2.20.0 Minor PR

Open 8 days ago

Bump the all-dependencies group across 1 directory with 28 updates

digicert/domain-control-validation #83

2.19.0 → 2.20.0 Minor PR

Open 8 days ago 2 comments

Bump the dependencies group across 1 directory with 14 updates

pf-wikis/bots #96

2.19.1 → 2.20.0 Minor PR

Open 8 days ago

build(deps): bump the low-risk group across 1 directory with 22 updates

Ensono/stacks-java #1523

2.19.2 → 2.20.0 Minor PR

Open 9 days ago 1 comment

deps(deps): bump the maven-dependencies group with 13 updates

nicholascowan/twelvedata-java-client #8

2.19.2 → 2.20.0 Minor PR

Open 9 days ago 1 comment

Bump the backend group across 1 directory with 13 updates

seism0saurus/glacier #164

2.19.0 → 2.20.0 Minor PR

Open 9 days ago 1 comment

Bump com.fasterxml.jackson.core:jackson-databind from 2.19.2 to 2.20.0

remsfal/remsfal-backend #479

2.19.2 → 2.20.0 Minor PR

Open 9 days ago

Package Details

Name:	`com.fasterxml.jackson.core:jackson-databind`
Ecosystem:	maven
PURL Type:	maven
Package URL:	`pkg:maven/com.fasterxml.jackson.core:jackson-databind`
JSON API:	View JSON

Security Advisories

69

Active advisories

CRITICAL 24

HIGH 43

MODERATE 2

View All maven Advisories

Package Information

Description:

General data-binding functionality for Jackson: works on core streaming API

Repository:	https://github.com/FasterXML/jackson-databind
Homepage:	https://github.com/FasterXML/jackson
Latest Release:	`2.19.0` 5 months ago
Dependent Repos:	244,221
Dependent Packages:	23,566
Ranking:	Top 0.0024% by dependent repos Top 0.0012% by dependent pkgs

PR Status

Open 1,062 (46.8%)

Merged 622 (27.4%)

Closed 508 (22.4%)

PR Types

Minor 1,269 (56.0%)

Patch 893 (39.4%)