Lucene search

K
osvGoogleOSV:CVE-2020-9548
HistoryMar 02, 2020 - 4:15 a.m.

CVE-2020-9548

2020-03-0204:15:11
Google
osv.dev
20
fasterxml jackson-databind
cve-2020-9548
serialization gadgets
typing
br.com.anteros.dbcp.anterosdbcpconfig
anteros-core

AI Score

9.3

Confidence

High

EPSS

0.004

Percentile

73.8%

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).

References