Lucene search

K
osvGoogleOSV:CVE-2020-36181
HistoryJan 06, 2021 - 11:15 p.m.

CVE-2020-36181

2021-01-0623:15:12
Google
osv.dev
9
fasterxml jackson-databind
serialization
cve-2020-36181
typing
org.apache.tomcat.dbcp.dbcp.cpdsadapter.driveradaptercpds

AI Score

7.1

Confidence

Low

EPSS

0.003

Percentile

66.0%

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS.