Lucene search

K
osvGoogleOSV:CVE-2020-36179
HistoryJan 07, 2021 - 12:15 a.m.

CVE-2020-36179

2021-01-0700:15:14
Google
osv.dev
12
fasterxml
jackson-databind
serialization gadgets
oadd.org.apache.commons.dbcp.cpdsadapter.driveradaptercpds
interaction
typing

AI Score

7.1

Confidence

Low

EPSS

0.004

Percentile

72.2%

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS.