Lucene search

Basic search
Lucene search
Search by product

Vendors

Products

GoogleOSV:DLA-2342-1

HistoryAug 24, 2020 - 12:00 a.m.

libjackson-json-java - security update

2020-08-2400:00:00

Google

osv.dev

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.493 Medium

EPSS

Percentile

97.4%

JSON

Bulletin has no description

CPENameOperatorVersion
libjackson-json-javaeq1.9.2-8

CPE	Name	Operator	Version
	libjackson-json-java	eq	1.9.2-8

nessus 34

osv 19

debian 8

openvas 15

ubuntu 1

redhat 33

fedora 7

prion 6

github 7

veracode 12

redhatcve 7

mageia 2

ubuntucve 6

cve 7

debiancve 6

ibm 17

checkpoint_advisories 1

symantec 1

cgr 1

githubexploit 1

seebug 3

huawei 1

zdt 1

f5 2

freebsd 1

nessus

Debian DLA-2091-1 : libjackson-json-java security update

2020-02-03 00:00:00

Debian DLA-2342-1 : libjackson-json-java security update

2020-08-25 00:00:00

Ubuntu 16.04 LTS : Jackson vulnerabilities (USN-4741-1)

2021-03-23 00:00:00

osv

libjackson-json-java vulnerabilities

2021-02-18 20:36:50

libjackson-json-java - security update

2020-01-31 00:00:00

jackson-databind vulnerable to deserialization flaw leading to unauthenticated remote code execution

2018-10-18 17:42:34

debian

[SECURITY] [DLA 2342-1] libjackson-json-java security update

2020-08-24 09:26:12

[SECURITY] [DLA 2091-1] libjackson-json-java security update

2020-01-31 21:51:58

[SECURITY] [DSA 4037-1] jackson-databind security update

2017-11-16 12:40:10

openvas

Debian LTS: Security Advisory for libjackson-json-java (DLA-2091-1)

2020-02-01 00:00:00

Debian Security Advisory DSA 4037-1 (jackson-databind - security update)

2017-11-16 00:00:00

Fedora Update for jackson-databind FEDORA-2017-4a071ecbc7

2017-11-23 00:00:00

ubuntu

Jackson vulnerabilities

2021-02-18 00:00:00

redhat

(RHSA-2018:0577) Important: Red Hat JBoss BPM Suite 6.4.9 security update

2018-03-22 08:09:42

(RHSA-2017:3190) Important: rh-eclipse46-jackson-databind security update

2017-11-13 04:15:22

(RHSA-2017:3189) Important: rh-eclipse47-jackson-databind security update

2017-11-13 04:14:58

fedora

[SECURITY] Fedora 27 Update: jackson-databind-2.7.6-5.fc27

2017-11-15 17:58:38

[SECURITY] Fedora 26 Update: jackson-databind-2.7.6-5.fc26

2017-11-15 20:23:08

[SECURITY] Fedora 26 Update: jackson-databind-2.7.6-8.fc26

2018-02-07 13:00:23

prion

Deserialization of untrusted data

2018-02-06 15:29:00

Deserialization of untrusted data

2018-02-06 15:29:00

Xxe

2019-11-18 17:15:00

github

jackson-databind vulnerable to deserialization flaw leading to unauthenticated remote code execution

2018-10-18 17:42:34

jackson-databind is vulnerable to a deserialization flaw

2018-10-16 17:21:35

Improper Restriction of XML External Entity Reference in jackson-mapper-asl

2020-02-04 22:39:19

veracode

Remote Code Execution (RCE) Through Deserialization

2017-11-02 08:36:33

Remote Code Execution (RCE) Through Deserialization

2019-01-15 09:19:49

Remote Code Execution (RCE) Through Deserialization

2017-04-19 05:40:17

redhatcve

CVE-2017-15095

2021-07-17 23:47:49

CVE-2017-17485

2020-04-09 07:26:09

CVE-2017-7525

2020-04-04 05:14:31

mageia

Updated jackson-databind packages fix security vulnerability

2017-11-16 10:39:32

Updated jackson-databind packages fix security vulnerability

2017-08-12 01:24:19

ubuntucve

CVE-2017-15095

2018-02-06 00:00:00

CVE-2017-7525

2018-02-06 00:00:00

CVE-2019-10172

2019-11-18 00:00:00

cve

CVE-2017-15095

2018-02-06 15:29:00

CVE-2017-7525

2018-02-06 15:29:00

CVE-2019-10172

2019-11-18 17:15:00

debiancve

CVE-2017-15095

2018-02-06 15:29:00

CVE-2017-7525

2018-02-06 15:29:00

CVE-2019-10172

2019-11-18 17:15:00

ibm

Security Bulletin: Multiple Vulnerabilities in Jackson Core affect IBM Maximo Asset Management

2022-04-12 22:52:18

Security Bulletin: Jackson Data Mapper Vulnerability Affects IBM Sterling B2B Integrator (CVE-2019-10172)

2021-10-05 20:56:36

Security Bulletin: IBM Sterling Global Mailbox vulnerable to sensitive information exposure due to Jackson Data Mapper (CVE-2019-10172)

2022-02-22 14:32:43

checkpoint_advisories

Apache Struts2 Jackson Library Remote Code Execution (CVE-2017-15095; CVE-2017-17485; CVE-2017-7525; CVE-2018-7489)

2017-12-05 00:00:00

symantec

FasterXML Jackson CVE-2019-10172 Multiple XML External Entity Injection Vulnerabilities

2019-11-18 00:00:00

cgr

CVE-2019-10172 vulnerabilities

2024-04-18 09:06:01

githubexploit

Exploit for Improper Restriction of XML External Entity Reference in Fasterxml Jackson-Mapper-Asl

2020-10-14 12:00:20

seebug

Apache Struts2 S2-055(CVE-2017-7525)

2017-12-01 00:00:00

Jackson enableDefaultTyping method of deserialization code execution vulnerability(CVE-2017-7525)

2017-04-17 00:00:00

Jackson-databind 远程代码执行漏洞(CVE-2017-17485)

2018-01-11 00:00:00

huawei

Security Advisory - Remote Code Execution Vulnerability in Jackson JSON library of Apache Struts2

2018-02-28 00:00:00

zdt

Apache Struts2 S2-055 DoS Vulnerability

2017-12-02 00:00:00

K65417229 : Apache Struts vulnerability CVE-2017-7525

2017-12-05 00:00:00

K39573629 : jackson-mapper-asl vulnerability CVE-2019-10172

2020-05-18 00:00:00

freebsd

payara -- Default typing issue in Jackson Databind

2018-02-26 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.493 Medium

EPSS

Percentile

97.4%

JSON

Related for OSV:DLA-2342-1