[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2018-5968":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":65,"aliases":66,"duplicate_of":9,"upstream":68,"downstream":69,"duplicates":86,"related":87,"reserved_at":9,"published_at":89,"modified_at":90,"state":91,"summary":92,"references_raw":101,"kevs":189,"epss":190,"epss_history":193,"metrics":458,"affected":471},"CVE-2018-5968","FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets that bypass a blacklist.",null,[11,55],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-184","Incomplete List of Disallowed Inputs","The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete.","weakness","Draft","Base",[19,23,27,31,35,39,43,47,51],{"id":20,"name":21,"techniques":22},"CAPEC-120","Double Encoding",[],{"id":24,"name":25,"techniques":26},"CAPEC-15","Command Delimiters",[],{"id":28,"name":29,"techniques":30},"CAPEC-182","Flash Injection",[],{"id":32,"name":33,"techniques":34},"CAPEC-3","Using Leading 'Ghost' Character Sequences to Bypass Input Filters",[],{"id":36,"name":37,"techniques":38},"CAPEC-43","Exploiting Multiple Input Interpretation Layers",[],{"id":40,"name":41,"techniques":42},"CAPEC-6","Argument Injection",[],{"id":44,"name":45,"techniques":46},"CAPEC-71","Using Unicode Encoding to Bypass Validation Logic",[],{"id":48,"name":49,"techniques":50},"CAPEC-73","User-Controlled Filename",[],{"id":52,"name":53,"techniques":54},"CAPEC-85","AJAX Footprinting",[],{"_key":56,"id":56,"name":57,"description":58,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":59,"capec":60},"CWE-502","Deserialization of Untrusted Data","The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.","Medium",[61],{"id":62,"name":63,"techniques":64},"CAPEC-586","Object Injection",[],[],[67],"GHSA-w3f4-3q6j-rh82",[],[70,72,74,76,78,80,82,84],{"_key":71},"UBUNTU-CVE-2018-5968",{"_key":73},"DSA-4114-1",{"_key":75},"MGASA-2018-0138",{"_key":77},"DEBIAN-CVE-2018-5968",{"_key":79},"RHSA-2018:0479",{"_key":81},"RHSA-2018:0480",{"_key":83},"RHSA-2018:0481",{"_key":85},"RHSA-2018:1525",[],[88],{"_key":75},"2018-01-22T04:00:00.000Z","2024-08-05T05:47:56.169Z","Modified",{"cisa_kev":93,"cisa_ransomware":93,"cisa_vendor":9,"epss_severity":94,"epss_score":95,"severity":96,"severity_score":97,"severity_version":98,"severity_source":99,"severity_vector":100,"severity_status":91},false,"low",0.01965,"high",8.1,"v3.1","nvd","CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",[102,112,116,120,124,129,133,137,141,146,151,155,159,164,168,172,176,180,184],{"url":103,"sources":104,"tags":107},"https://access.redhat.com/errata/RHSA-2018:0479",[105,99,106],"cve.org","osv_maven",[108,109,110,111],"Vendor Advisory","X Refsource REDHAT","Third Party Advisory","WEB",{"url":113,"sources":114,"tags":115},"https://access.redhat.com/errata/RHSA-2018:0481",[105,99,106],[108,109,110,111],{"url":117,"sources":118,"tags":119},"https://access.redhat.com/errata/RHSA-2018:1525",[105,99,106],[108,109,110,111],{"url":121,"sources":122,"tags":123},"https://access.redhat.com/errata/RHSA-2018:0480",[105,99,106],[108,109,110,111],{"url":125,"sources":126,"tags":127},"https://www.debian.org/security/2018/dsa-4114",[105,99,106],[108,128,110,111],"X Refsource DEBIAN",{"url":130,"sources":131,"tags":132},"https://access.redhat.com/errata/RHSA-2018:0478",[105,99,106],[108,109,110,111],{"url":134,"sources":135,"tags":136},"https://access.redhat.com/errata/RHSA-2019:2858",[105,99,106],[108,109,110,111],{"url":138,"sources":139,"tags":140},"https://access.redhat.com/errata/RHSA-2019:3149",[105,99,106],[108,109,110,111],{"url":142,"sources":143,"tags":144},"https://www.oracle.com/security-alerts/cpuoct2020.html",[105,99,106],[145,110,111],"X Refsource MISC",{"url":147,"sources":148,"tags":149},"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us",[105,99,106],[150,110,111],"X Refsource CONFIRM",{"url":152,"sources":153,"tags":154},"https://security.netapp.com/advisory/ntap-20180423-0002/",[105,99],[150,110],{"url":156,"sources":157,"tags":158},"https://github.com/FasterXML/jackson-databind/issues/1899",[105,99,106],[145,110,111],{"url":160,"sources":161,"tags":162},"https://nvd.nist.gov/vuln/detail/CVE-2018-5968",[106],[163],"Advisory",{"url":165,"sources":166,"tags":167},"https://github.com/GulajavaMinistudio/jackson-databind/pull/92/commits/038b471e2efde2e8f96b4e0be958d3e5a1ff1d05",[106],[111],{"url":169,"sources":170,"tags":171},"https://github.com/FasterXML/jackson-databind/commit/454be8bb8c913be18298327a84ca45a280b61605",[106],[111],{"url":173,"sources":174,"tags":175},"https://github.com/FasterXML/jackson-databind/commit/038b471e2efde2e8f96b4e0be958d3e5a1ff1d0",[106],[111],{"url":177,"sources":178,"tags":179},"https://github.com/FasterXML/jackson-databind/commit/03ea0bec6293d4330b5ad19d1d62aca0e3cb6381",[106],[111],{"url":181,"sources":182,"tags":183},"https://security.netapp.com/advisory/ntap-20180423-0002",[106],[111],{"url":185,"sources":186,"tags":187},"https://github.com/FasterXML/jackson-databind",[106],[188],"PACKAGE",[],{"date":191,"score":95,"percentile":192},"2026-06-04",0.83848,[194,198,201,204,207,210,213,216,219,222,225,227,229,232,234,238,241,244,248,251,254,257,260,262,264,267,270,273,276,279,282,285,288,291,294,296,299,302,305,308,311,314,317,320,323,326,329,332,335,338,340,343,346,349,352,355,358,361,364,367,370,373,376,378,380,383,386,388,391,394,397,401,404,407,410,413,416,419,422,425,428,431,434,437,440,443,446,449,452,455],{"date":195,"score":196,"percentile":197},"2025-11-04",0.02139,0.83618,{"date":199,"score":196,"percentile":200},"2025-11-05",0.83622,{"date":202,"score":196,"percentile":203},"2025-11-06",0.83626,{"date":205,"score":196,"percentile":206},"2025-11-07",0.83633,{"date":208,"score":196,"percentile":209},"2025-11-08",0.83637,{"date":211,"score":196,"percentile":212},"2025-11-09",0.83632,{"date":214,"score":196,"percentile":215},"2025-11-10",0.83627,{"date":217,"score":196,"percentile":218},"2025-11-11",0.83631,{"date":220,"score":196,"percentile":221},"2025-11-12",0.83643,{"date":223,"score":196,"percentile":224},"2025-11-13",0.83651,{"date":226,"score":196,"percentile":224},"2025-11-14",{"date":228,"score":196,"percentile":221},"2025-11-15",{"date":230,"score":196,"percentile":231},"2025-11-16",0.83645,{"date":233,"score":196,"percentile":221},"2025-11-17",{"date":235,"score":236,"percentile":237},"2025-11-18",0.09325,0.91924,{"date":239,"score":236,"percentile":240},"2025-11-19",0.91926,{"date":242,"score":236,"percentile":243},"2025-11-20",0.91932,{"date":245,"score":246,"percentile":247},"2025-11-21",0.02305,0.84233,{"date":249,"score":246,"percentile":250},"2025-11-22",0.84232,{"date":252,"score":246,"percentile":253},"2025-11-23",0.84222,{"date":255,"score":246,"percentile":256},"2025-11-24",0.8422,{"date":258,"score":246,"percentile":259},"2025-11-25",0.84223,{"date":261,"score":246,"percentile":259},"2025-11-26",{"date":263,"score":246,"percentile":253},"2025-11-27",{"date":265,"score":246,"percentile":266},"2025-11-28",0.84204,{"date":268,"score":246,"percentile":269},"2025-11-29",0.84237,{"date":271,"score":246,"percentile":272},"2025-11-30",0.8424,{"date":274,"score":246,"percentile":275},"2025-12-01",0.84312,{"date":277,"score":246,"percentile":278},"2025-12-02",0.84315,{"date":280,"score":246,"percentile":281},"2025-12-03",0.84316,{"date":283,"score":246,"percentile":284},"2025-12-04",0.84245,{"date":286,"score":246,"percentile":287},"2025-12-05",0.8425,{"date":289,"score":246,"percentile":290},"2025-12-06",0.84249,{"date":292,"score":246,"percentile":293},"2025-12-07",0.84242,{"date":295,"score":246,"percentile":284},"2025-12-08",{"date":297,"score":246,"percentile":298},"2025-12-09",0.84258,{"date":300,"score":246,"percentile":301},"2025-12-10",0.84279,{"date":303,"score":246,"percentile":304},"2025-12-11",0.84284,{"date":306,"score":246,"percentile":307},"2025-12-12",0.8429,{"date":309,"score":246,"percentile":310},"2025-12-13",0.84286,{"date":312,"score":246,"percentile":313},"2025-12-14",0.84282,{"date":315,"score":246,"percentile":316},"2025-12-15",0.84281,{"date":318,"score":246,"percentile":319},"2025-12-16",0.84288,{"date":321,"score":246,"percentile":322},"2025-12-17",0.84293,{"date":324,"score":95,"percentile":325},"2025-12-18",0.83051,{"date":327,"score":95,"percentile":328},"2025-12-19",0.83055,{"date":330,"score":95,"percentile":331},"2025-12-20",0.83049,{"date":333,"score":95,"percentile":334},"2025-12-21",0.83046,{"date":336,"score":95,"percentile":337},"2025-12-22",0.83048,{"date":339,"score":95,"percentile":328},"2025-12-23",{"date":341,"score":95,"percentile":342},"2025-12-24",0.83063,{"date":344,"score":95,"percentile":345},"2025-12-25",0.83077,{"date":347,"score":95,"percentile":348},"2025-12-26",0.83082,{"date":350,"score":95,"percentile":351},"2025-12-27",0.83126,{"date":353,"score":95,"percentile":354},"2025-12-28",0.83071,{"date":356,"score":95,"percentile":357},"2025-12-29",0.83065,{"date":359,"score":95,"percentile":360},"2025-12-30",0.83074,{"date":362,"score":95,"percentile":363},"2025-12-31",0.83087,{"date":365,"score":95,"percentile":366},"2026-01-01",0.83161,{"date":368,"score":95,"percentile":369},"2026-01-02",0.83158,{"date":371,"score":95,"percentile":372},"2026-01-03",0.83152,{"date":374,"score":95,"percentile":375},"2026-01-04",0.8307,{"date":377,"score":95,"percentile":357},"2026-01-05",{"date":379,"score":95,"percentile":375},"2026-01-06",{"date":381,"score":95,"percentile":382},"2026-01-07",0.83073,{"date":384,"score":95,"percentile":385},"2026-01-08",0.8308,{"date":387,"score":95,"percentile":385},"2026-01-09",{"date":389,"score":95,"percentile":390},"2026-01-10",0.83079,{"date":392,"score":95,"percentile":393},"2026-01-11",0.83075,{"date":395,"score":95,"percentile":396},"2026-01-12",0.83072,{"date":398,"score":399,"percentile":400},"2026-01-13",0.01738,0.8201,{"date":402,"score":399,"percentile":403},"2026-01-14",0.82031,{"date":405,"score":399,"percentile":406},"2026-01-15",0.82029,{"date":408,"score":399,"percentile":409},"2026-01-16",0.82039,{"date":411,"score":399,"percentile":412},"2026-01-17",0.8204,{"date":414,"score":399,"percentile":415},"2026-01-18",0.82038,{"date":417,"score":399,"percentile":418},"2026-01-19",0.82032,{"date":420,"score":399,"percentile":421},"2026-01-20",0.82036,{"date":423,"score":399,"percentile":424},"2026-01-21",0.82044,{"date":426,"score":399,"percentile":427},"2026-01-22",0.82051,{"date":429,"score":399,"percentile":430},"2026-01-23",0.82076,{"date":432,"score":399,"percentile":433},"2026-01-24",0.82082,{"date":435,"score":399,"percentile":436},"2026-01-25",0.82074,{"date":438,"score":399,"percentile":439},"2026-01-26",0.82072,{"date":441,"score":399,"percentile":442},"2026-01-27",0.8207,{"date":444,"score":399,"percentile":445},"2026-01-28",0.82069,{"date":447,"score":399,"percentile":448},"2026-01-29",0.82071,{"date":450,"score":399,"percentile":451},"2026-01-30",0.82073,{"date":453,"score":399,"percentile":454},"2026-01-31",0.82078,{"date":456,"score":399,"percentile":457},"2026-02-01",0.82153,[459,469],{"source":99,"cvss_v2_0":460,"cvss_v3_0":9,"cvss_v3_1":465,"cvss_v4_0":9},{"baseScore":461,"baseSeverity":9,"vectorString":462,"impactScore":463,"exploitabilityScore":464},6.8,"AV:N/AC:M/Au:N/C:P/I:P/A:P",6.4,8.6,{"baseScore":97,"baseSeverity":466,"vectorString":100,"impactScore":467,"exploitabilityScore":468},"HIGH",9.8,5.6,{"source":106,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":470,"cvss_v4_0":9},{"baseScore":97,"baseSeverity":9,"vectorString":100,"impactScore":467,"exploitabilityScore":468},[472,483,507,521,530,536,541,548,556,561],{"ecosystem":9,"name":473,"vendor":474,"product":475,"cpe_part":476,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":477},"debian linux","debian","debian_linux","o",[478,481],{"version":479,"is_range":93,"range_type":480,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0","cpe",{"version":482,"is_range":93,"range_type":480,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":484,"vendor":485,"product":484,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":487},"jackson-databind","fasterxml","a",[488,495,499,503],{"version":489,"is_range":490,"range_type":480,"version_start":491,"version_start_type":492,"version_end":493,"version_end_type":494,"fixed_in":9},"gte2.0.0_lt2.6.7.3",true,"2.0.0","including","2.6.7.3","excluding",{"version":496,"is_range":490,"range_type":480,"version_start":497,"version_start_type":492,"version_end":498,"version_end_type":494,"fixed_in":9},"gte2.7.0_lt2.7.9.2","2.7.0","2.7.9.2",{"version":500,"is_range":490,"range_type":480,"version_start":501,"version_start_type":492,"version_end":502,"version_end_type":494,"fixed_in":9},"gte2.8.0_lt2.8.11.1","2.8.0","2.8.11.1",{"version":504,"is_range":490,"range_type":480,"version_start":505,"version_start_type":492,"version_end":506,"version_end_type":494,"fixed_in":9},"gte2.9.0_lt2.9.4","2.9.0","2.9.4",{"ecosystem":508,"name":509,"vendor":510,"product":484,"cpe_part":9,"purl_type":511,"purl_namespace":510,"purl_name":484,"source":9,"versions":512},"Maven","com.fasterxml.jackson.core:jackson-databind","com.fasterxml.jackson.core","maven",[513,516,518],{"version":514,"is_range":490,"range_type":515,"version_start":501,"version_start_type":492,"version_end":502,"version_end_type":494,"fixed_in":9},"gte2_8_0_lt2_8_11_1","ecosystem",{"version":517,"is_range":490,"range_type":515,"version_start":505,"version_start_type":492,"version_end":506,"version_end_type":494,"fixed_in":9},"gte2_9_0_lt2_9_4",{"version":519,"is_range":490,"range_type":515,"version_start":9,"version_start_type":9,"version_end":520,"version_end_type":494,"fixed_in":9},"lt2_7_9_5","2.7.9.5",{"ecosystem":9,"name":522,"vendor":523,"product":524,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":525},"e-series santricity os controller","netapp","e-series_santricity_os_controller",[526],{"version":527,"is_range":490,"range_type":480,"version_start":528,"version_start_type":492,"version_end":529,"version_end_type":492,"fixed_in":9},"gte11.0.0_lte11.60.3","11.0.0","11.60.3",{"ecosystem":9,"name":531,"vendor":523,"product":532,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":533},"e-series santricity web services proxy","e-series_santricity_web_services_proxy",[534],{"version":535,"is_range":93,"range_type":480,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"na",{"ecosystem":9,"name":537,"vendor":523,"product":538,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":539},"oncommand shift","oncommand_shift",[540],{"version":535,"is_range":93,"range_type":480,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":542,"vendor":543,"product":544,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":545},"jboss enterprise application platform","redhat","jboss_enterprise_application_platform",[546],{"version":547,"is_range":93,"range_type":480,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.1",{"ecosystem":9,"name":549,"vendor":543,"product":550,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":551},"openshift container platform","openshift_container_platform",[552,554],{"version":553,"is_range":93,"range_type":480,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.1",{"version":555,"is_range":93,"range_type":480,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.11",{"ecosystem":9,"name":557,"vendor":543,"product":557,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":558},"virtualization",[559],{"version":560,"is_range":93,"range_type":480,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0",{"ecosystem":9,"name":562,"vendor":543,"product":563,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":564},"virtualization host","virtualization_host",[565],{"version":560,"is_range":93,"range_type":480,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9}]