Risk Scores
EPSS Score
9.26%
92.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:20.04:LTS | libjackson-json-java | 1.9.13-1, 0 |
| Ubuntu:Pro:16.04:LTS | jackson-databind | 2.4.2-2, 0, 2.4.2-3 |
| Ubuntu:Pro:14.04:LTS | jackson-databind | 0, 2.2.2-1 |
| Ubuntu:Pro:14.04:LTS | libjackson-json-java | 0, 1.9.2-3, 1.9.2-2 |
| Ubuntu:18.04:LTS | libjackson-json-java | 1.9.2-9, 1.9.13-1~18.04, 0 |
| Ubuntu:16.04:LTS | libjackson-json-java | 1.9.2-5, 1.9.2-7, 1.9.2-6 |
Timeline
- Feb 6, 2018 CVE Published
- Sep 27, 2019 CVE Updated
- Apr 14, 2021 EPSS Score
- Nov 3, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Nov 8, 2023 EPSS Score
- Jan 17, 2024 EPSS Score
- Aug 10, 2024 EPSS Score
- Sep 17, 2024 EPSS Score
- Dec 17, 2024 EPSS Score
- Mar 17, 2025 EPSS Score
- Mar 26, 2025 EPSS Score
References
- https://ubuntu.com/security/CVE-2017-15095 third-party-advisory
- https://github.com/FasterXML/jackson-databind/commit/3bfbb835 third-party-advisory
- https://github.com/FasterXML/jackson-databind/issues/1680 third-party-advisory
- https://github.com/FasterXML/jackson-databind/issues/1723 third-party-advisory
- https://github.com/FasterXML/jackson-databind/issues/1737 third-party-advisory
- https://github.com/FasterXML/jackson-databind/commit/e8f043d1 third-party-advisory
- https://github.com/FasterXML/jackson-databind/commit/ddfddfba third-party-advisory
- https://github.com/FasterXML/jackson-databind/blob/7093008aa2afe8068e120df850189ae072dfa1b2/src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java#L43 third-party-advisory
- https://ubuntu.com/security/notices/USN-4741-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2017-15095 third-party-advisory