Server-Side Request Forgery (SSRF) Vulnerability in Jackson XML Dataformat Component

Server-Side Request Forgery (SSRF) Vulnerability in Jackson XML Dataformat Component

CVE-2016-7051 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

XmlMapper in the Jackson XML dataformat component (aka jackson-dataformat-xml) before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors related to a DTD.

Learn more about our Cis Benchmark Audit For Server Software.