[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2018-11307":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":24,"aliases":25,"duplicate_of":9,"upstream":27,"downstream":28,"duplicates":45,"related":46,"reserved_at":9,"published_at":47,"modified_at":48,"state":49,"summary":50,"references_raw":59,"kevs":198,"epss":199,"epss_history":202,"metrics":446,"affected":457},"CVE-2018-11307","An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-502","Deserialization of Untrusted Data","The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.","weakness","Draft","Base","Medium",[20],{"id":21,"name":22,"techniques":23},"CAPEC-586","Object Injection",[],[],[26],"GHSA-qr7j-h6gg-jmgc",[],[29,31,33,35,37,39,41,43],{"_key":30},"UBUNTU-CVE-2018-11307",{"_key":32},"DLA-1703-1",{"_key":34},"DSA-4452-1",{"_key":36},"DEBIAN-CVE-2018-11307",{"_key":38},"RHSA-2019:0782",{"_key":40},"RHSA-2019:1107",{"_key":42},"RHSA-2019:1108",{"_key":44},"USN-4813-1",[],[],"2019-07-09T15:37:25.000Z","2024-08-05T08:01:52.866Z","Modified",{"cisa_kev":51,"cisa_ransomware":51,"cisa_vendor":9,"epss_severity":52,"epss_score":53,"severity":54,"severity_score":55,"severity_version":56,"severity_source":57,"severity_vector":58,"severity_status":49},false,"medium",0.12722,"critical",9.8,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[60,70,74,78,82,88,92,96,100,104,108,112,116,120,125,129,134,138,142,148,153,157,161,165,169,173,177,181,185,189,193],{"url":61,"sources":62,"tags":65},"https://access.redhat.com/errata/RHSA-2019:1822",[63,57,64],"cve.org","osv_maven",[66,67,68,69],"Vendor Advisory","X Refsource REDHAT","Third Party Advisory","WEB",{"url":71,"sources":72,"tags":73},"https://access.redhat.com/errata/RHSA-2019:1823",[63,57,64],[66,67,68,69],{"url":75,"sources":76,"tags":77},"https://access.redhat.com/errata/RHSA-2019:2804",[63,57,64],[66,67,68,69],{"url":79,"sources":80,"tags":81},"https://access.redhat.com/errata/RHSA-2019:2858",[63,57,64],[66,67,68,69],{"url":83,"sources":84,"tags":85},"https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d%40%3Cissues.lucene.apache.org%3E",[63,57],[86,87,68],"Mailing List","X Refsource MLIST",{"url":89,"sources":90,"tags":91},"https://access.redhat.com/errata/RHSA-2019:3002",[63,57,64],[66,67,68,69],{"url":93,"sources":94,"tags":95},"https://access.redhat.com/errata/RHSA-2019:3140",[63,57,64],[66,67,68,69],{"url":97,"sources":98,"tags":99},"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E",[63,57],[86,87,68],{"url":101,"sources":102,"tags":103},"https://access.redhat.com/errata/RHSA-2019:3149",[63,57,64],[66,67,68,69],{"url":105,"sources":106,"tags":107},"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E",[63,57],[86,87,68],{"url":109,"sources":110,"tags":111},"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E",[63,57],[86,87,68],{"url":113,"sources":114,"tags":115},"https://access.redhat.com/errata/RHSA-2019:3892",[63,57,64],[66,67,68,69],{"url":117,"sources":118,"tags":119},"https://access.redhat.com/errata/RHSA-2019:4037",[63,57,64],[66,67,68,69],{"url":121,"sources":122,"tags":123},"https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062",[63,57],[124,68],"X Refsource MISC",{"url":126,"sources":127,"tags":128},"https://www.oracle.com/security-alerts/cpuapr2020.html",[63,57,64],[124,68,69],{"url":130,"sources":131,"tags":132},"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",[63,57,64],[124,133,68,69],"Patch",{"url":135,"sources":136,"tags":137},"https://www.oracle.com/security-alerts/cpujan2020.html",[63,57,64],[124,68,69],{"url":139,"sources":140,"tags":141},"https://www.oracle.com/security-alerts/cpuoct2020.html",[63,57,64],[124,68,69],{"url":143,"sources":144,"tags":145},"https://nvd.nist.gov/vuln/detail/CVE-2017-7525",[63,57,64],[124,68,146,147],"US Government Resource","Advisory",{"url":149,"sources":150,"tags":151},"https://access.redhat.com/errata/RHSA-2019:0782",[63,57,64],[152,68,69],"X Refsource CONFIRM",{"url":154,"sources":155,"tags":156},"https://github.com/FasterXML/jackson-databind/issues/2032",[63,57,64],[124,68,69],{"url":158,"sources":159,"tags":160},"https://nvd.nist.gov/vuln/detail/CVE-2018-11307",[64],[147],{"url":162,"sources":163,"tags":164},"https://github.com/FasterXML/jackson-databind/commit/051bd5e447fbc9539e12a4fe90eb989dba0c656",[64],[69],{"url":166,"sources":167,"tags":168},"https://github.com/FasterXML/jackson-databind/commit/27b4defc270454dea6842bd9279f17387eceb73",[64],[69],{"url":170,"sources":171,"tags":172},"https://github.com/FasterXML/jackson-databind/commit/78e78738d69adcb59fdac9fc12d9053ce8809f3d",[64],[69],{"url":174,"sources":175,"tags":176},"https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062",[64],[69],{"url":178,"sources":179,"tags":180},"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E",[64],[69],{"url":182,"sources":183,"tags":184},"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E",[64],[69],{"url":186,"sources":187,"tags":188},"https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E",[64],[69],{"url":190,"sources":191,"tags":192},"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E",[64],[69],{"url":194,"sources":195,"tags":196},"https://github.com/FasterXML/jackson-databind",[64],[197],"PACKAGE",[],{"date":200,"score":53,"percentile":201},"2026-06-04",0.94126,[203,207,210,213,216,219,221,224,227,230,233,236,239,241,244,248,251,254,257,260,263,267,270,273,275,278,280,282,285,288,291,294,297,299,301,303,306,309,312,315,318,320,323,326,329,332,334,337,340,343,346,349,351,354,356,359,362,365,367,369,372,374,376,378,380,382,384,387,389,391,393,395,398,401,404,407,410,412,414,417,420,423,426,429,432,434,437,439,441,443],{"date":204,"score":205,"percentile":206},"2025-11-04",0.13009,0.93773,{"date":208,"score":205,"percentile":209},"2025-11-05",0.93772,{"date":211,"score":205,"percentile":212},"2025-11-06",0.93775,{"date":214,"score":205,"percentile":215},"2025-11-07",0.93779,{"date":217,"score":205,"percentile":218},"2025-11-08",0.9378,{"date":220,"score":205,"percentile":218},"2025-11-09",{"date":222,"score":205,"percentile":223},"2025-11-10",0.93781,{"date":225,"score":205,"percentile":226},"2025-11-11",0.93783,{"date":228,"score":205,"percentile":229},"2025-11-12",0.93788,{"date":231,"score":205,"percentile":232},"2025-11-13",0.9379,{"date":234,"score":205,"percentile":235},"2025-11-14",0.93794,{"date":237,"score":205,"percentile":238},"2025-11-15",0.93791,{"date":240,"score":205,"percentile":235},"2025-11-16",{"date":242,"score":205,"percentile":243},"2025-11-17",0.93793,{"date":245,"score":246,"percentile":247},"2025-11-18",0.10582,0.92518,{"date":249,"score":246,"percentile":250},"2025-11-19",0.92521,{"date":252,"score":246,"percentile":253},"2025-11-20",0.92526,{"date":255,"score":205,"percentile":256},"2025-11-21",0.93803,{"date":258,"score":205,"percentile":259},"2025-11-22",0.93802,{"date":261,"score":205,"percentile":262},"2025-11-23",0.93808,{"date":264,"score":265,"percentile":266},"2025-11-24",0.12636,0.93695,{"date":268,"score":265,"percentile":269},"2025-11-25",0.93696,{"date":271,"score":265,"percentile":272},"2025-11-26",0.93694,{"date":274,"score":265,"percentile":269},"2025-11-27",{"date":276,"score":265,"percentile":277},"2025-11-28",0.93689,{"date":279,"score":265,"percentile":266},"2025-11-29",{"date":281,"score":265,"percentile":272},"2025-11-30",{"date":283,"score":265,"percentile":284},"2025-12-01",0.93736,{"date":286,"score":265,"percentile":287},"2025-12-02",0.93739,{"date":289,"score":265,"percentile":290},"2025-12-03",0.93741,{"date":292,"score":265,"percentile":293},"2025-12-04",0.93693,{"date":295,"score":265,"percentile":296},"2025-12-05",0.93697,{"date":298,"score":265,"percentile":269},"2025-12-06",{"date":300,"score":265,"percentile":266},"2025-12-07",{"date":302,"score":265,"percentile":296},"2025-12-08",{"date":304,"score":265,"percentile":305},"2025-12-09",0.93701,{"date":307,"score":265,"percentile":308},"2025-12-10",0.93706,{"date":310,"score":265,"percentile":311},"2025-12-11",0.9371,{"date":313,"score":265,"percentile":314},"2025-12-12",0.93712,{"date":316,"score":265,"percentile":317},"2025-12-13",0.93711,{"date":319,"score":265,"percentile":317},"2025-12-14",{"date":321,"score":265,"percentile":322},"2025-12-15",0.93715,{"date":324,"score":265,"percentile":325},"2025-12-16",0.93719,{"date":327,"score":265,"percentile":328},"2025-12-17",0.93724,{"date":330,"score":265,"percentile":331},"2025-12-18",0.93726,{"date":333,"score":265,"percentile":331},"2025-12-19",{"date":335,"score":265,"percentile":336},"2025-12-20",0.93725,{"date":338,"score":265,"percentile":339},"2025-12-21",0.93728,{"date":341,"score":265,"percentile":342},"2025-12-22",0.93729,{"date":344,"score":265,"percentile":345},"2025-12-23",0.93727,{"date":347,"score":265,"percentile":348},"2025-12-24",0.9373,{"date":350,"score":265,"percentile":287},"2025-12-25",{"date":352,"score":265,"percentile":353},"2025-12-26",0.93737,{"date":355,"score":265,"percentile":223},"2025-12-27",{"date":357,"score":265,"percentile":358},"2025-12-28",0.93733,{"date":360,"score":265,"percentile":361},"2025-12-29",0.93731,{"date":363,"score":265,"percentile":364},"2025-12-30",0.93734,{"date":366,"score":265,"percentile":287},"2025-12-31",{"date":368,"score":265,"percentile":223},"2026-01-01",{"date":370,"score":265,"percentile":371},"2026-01-02",0.93776,{"date":373,"score":265,"percentile":212},"2026-01-03",{"date":375,"score":265,"percentile":284},"2026-01-04",{"date":377,"score":265,"percentile":358},"2026-01-05",{"date":379,"score":265,"percentile":358},"2026-01-06",{"date":381,"score":265,"percentile":364},"2026-01-07",{"date":383,"score":265,"percentile":284},"2026-01-08",{"date":385,"score":265,"percentile":386},"2026-01-09",0.9374,{"date":388,"score":265,"percentile":290},"2026-01-10",{"date":390,"score":265,"percentile":287},"2026-01-11",{"date":392,"score":265,"percentile":353},"2026-01-12",{"date":394,"score":265,"percentile":353},"2026-01-13",{"date":396,"score":265,"percentile":397},"2026-01-14",0.93746,{"date":399,"score":265,"percentile":400},"2026-01-15",0.93747,{"date":402,"score":265,"percentile":403},"2026-01-16",0.93751,{"date":405,"score":265,"percentile":406},"2026-01-17",0.93756,{"date":408,"score":265,"percentile":409},"2026-01-18",0.9375,{"date":411,"score":265,"percentile":409},"2026-01-19",{"date":413,"score":265,"percentile":403},"2026-01-20",{"date":415,"score":265,"percentile":416},"2026-01-21",0.93754,{"date":418,"score":265,"percentile":419},"2026-01-22",0.93758,{"date":421,"score":265,"percentile":422},"2026-01-23",0.93764,{"date":424,"score":265,"percentile":425},"2026-01-24",0.93767,{"date":427,"score":265,"percentile":428},"2026-01-25",0.93769,{"date":430,"score":265,"percentile":431},"2026-01-26",0.9377,{"date":433,"score":265,"percentile":431},"2026-01-27",{"date":435,"score":265,"percentile":436},"2026-01-28",0.93774,{"date":438,"score":265,"percentile":212},"2026-01-29",{"date":440,"score":265,"percentile":436},"2026-01-30",{"date":442,"score":265,"percentile":371},"2026-01-31",{"date":444,"score":265,"percentile":445},"2026-02-01",0.93813,[447,455],{"source":57,"cvss_v2_0":448,"cvss_v3_0":9,"cvss_v3_1":453,"cvss_v4_0":9},{"baseScore":449,"baseSeverity":9,"vectorString":450,"impactScore":451,"exploitabilityScore":452},7.5,"AV:N/AC:L/Au:N/C:P/I:P/A:P",6.4,10,{"baseScore":55,"baseSeverity":454,"vectorString":58,"impactScore":55,"exploitabilityScore":452},"CRITICAL",{"source":64,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":456,"cvss_v4_0":9},{"baseScore":55,"baseSeverity":9,"vectorString":58,"impactScore":55,"exploitabilityScore":452},[458,483,496,502,508,523,529,535],{"ecosystem":9,"name":459,"vendor":460,"product":459,"cpe_part":461,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":462},"jackson-databind","fasterxml","a",[463,471,475,479],{"version":464,"is_range":465,"range_type":466,"version_start":467,"version_start_type":468,"version_end":469,"version_end_type":470,"fixed_in":9},"gte2.0.0_lt2.6.7.3",true,"cpe","2.0.0","including","2.6.7.3","excluding",{"version":472,"is_range":465,"range_type":466,"version_start":473,"version_start_type":468,"version_end":474,"version_end_type":470,"fixed_in":9},"gte2.7.0_lt2.7.9.4","2.7.0","2.7.9.4",{"version":476,"is_range":465,"range_type":466,"version_start":477,"version_start_type":468,"version_end":478,"version_end_type":470,"fixed_in":9},"gte2.8.0_lt2.8.11.2","2.8.0","2.8.11.2",{"version":480,"is_range":465,"range_type":466,"version_start":481,"version_start_type":468,"version_end":482,"version_end_type":470,"fixed_in":9},"gte2.9.0_lt2.9.6","2.9.0","2.9.6",{"ecosystem":484,"name":485,"vendor":486,"product":459,"cpe_part":9,"purl_type":487,"purl_namespace":486,"purl_name":459,"source":9,"versions":488},"Maven","com.fasterxml.jackson.core:jackson-databind","com.fasterxml.jackson.core","maven",[489,492,494],{"version":490,"is_range":465,"range_type":491,"version_start":467,"version_start_type":468,"version_end":474,"version_end_type":470,"fixed_in":9},"gte2_0_0_lt2_7_9_4","ecosystem",{"version":493,"is_range":465,"range_type":491,"version_start":477,"version_start_type":468,"version_end":478,"version_end_type":470,"fixed_in":9},"gte2_8_0_lt2_8_11_2",{"version":495,"is_range":465,"range_type":491,"version_start":481,"version_start_type":468,"version_end":482,"version_end_type":470,"fixed_in":9},"gte2_9_0_lt2_9_6",{"ecosystem":9,"name":497,"vendor":498,"product":497,"cpe_part":461,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":499},"clusterware","oracle",[500],{"version":501,"is_range":51,"range_type":466,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.1.0.2.0",{"ecosystem":9,"name":503,"vendor":498,"product":504,"cpe_part":461,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":505},"communications instant messaging server","communications_instant_messaging_server",[506],{"version":507,"is_range":51,"range_type":466,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0.1.2.0",{"ecosystem":9,"name":509,"vendor":498,"product":510,"cpe_part":461,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":511},"global lifecycle management opatch","global_lifecycle_management_opatch",[512,515,519],{"version":513,"is_range":465,"range_type":466,"version_start":9,"version_start_type":9,"version_end":514,"version_end_type":470,"fixed_in":9},"lt11.2.0.3.23","11.2.0.3.23",{"version":516,"is_range":465,"range_type":466,"version_start":517,"version_start_type":468,"version_end":518,"version_end_type":470,"fixed_in":9},"gte12.2.0.1.0_lt12.2.0.1.19","12.2.0.1.0","12.2.0.1.19",{"version":520,"is_range":465,"range_type":466,"version_start":521,"version_start_type":468,"version_end":522,"version_end_type":470,"fixed_in":9},"gte13.9.4.0.0_lt13.9.4.2.1","13.9.4.0.0","13.9.4.2.1",{"ecosystem":9,"name":524,"vendor":498,"product":525,"cpe_part":461,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":526},"retail customer management and segmentation foundation","retail_customer_management_and_segmentation_foundation",[527],{"version":528,"is_range":51,"range_type":466,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"17.0",{"ecosystem":9,"name":530,"vendor":498,"product":531,"cpe_part":461,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":532},"utilities advanced spatial and operational analytics","utilities_advanced_spatial_and_operational_analytics",[533],{"version":534,"is_range":51,"range_type":466,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.7.0.1",{"ecosystem":9,"name":536,"vendor":537,"product":538,"cpe_part":461,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":539},"openshift container platform","redhat","openshift_container_platform",[540,542],{"version":541,"is_range":51,"range_type":466,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.11",{"version":543,"is_range":51,"range_type":466,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1"]