A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar to CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes.

Affected Packages

Maven org.codehaus.jackson:jackson-mapper-asl

Affected versions: 0 (last affected: 1.9.13)

Related CVEs

CVE-2019-10172

Key Information

GHSA ID

GHSA-r6j9-8759-g62w

Published

February 4, 2020 10:39 PM

Last Modified

March 26, 2021 12:27 AM

CVSS Score

7.5 /10

Primary Ecosystem

Maven

Primary Package

org.codehaus.jackson:jackson-mapper-asl

GitHub Reviewed

✓ Yes

Dataset

Last updated: September 18, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.