Lucene search
PRIOn knowledge basePRION:CVE-2020-11112HistoryMar 31, 2020 - 5:15 a.m.
Design/Logic Flaw
2020-03-3105:15:00
PRIOn knowledge base
www.prio-n.com
4
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).
References
github.com/FasterXML/jackson-databind/issues/2666
lists.debian.org/debian-lts-announce/2020/04/msg00012.html
medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
security.netapp.com/advisory/ntap-20200403-0002/
www.oracle.com/security-alerts/cpujan2021.html
www.oracle.com/security-alerts/cpujul2020.html
www.oracle.com/security-alerts/cpuoct2020.html
www.oracle.com/security-alerts/cpuoct2021.html
Related
cve
cve
CVE-2020-11112
2020-03-31 05:15:13
debiancve
debiancve
CVE-2020-11112
2020-03-31 05:15:13
atlassian
atlassian
osv
osv
jackson-databind mishandles the interaction between serialization gadgets and typing
2020-06-10 21:12:41
CVE-2020-11112
2020-03-31 05:15:13
jackson-databind - security update
2020-04-18 00:00:00
cvelist
cvelist
CVE-2020-11112
2020-03-31 04:37:41
nvd
nvd
CVE-2020-11112
2020-03-31 05:15:13
veracode
veracode
Remote Code Execution
2020-04-01 08:43:55
github
github
redhatcve
redhatcve
CVE-2020-11112
2020-04-09 07:34:53
vulnrichment
vulnrichment
CVE-2020-11112
2020-03-31 04:37:41
ubuntucve
ubuntucve
CVE-2020-11112
2020-03-31 00:00:00
redhat
redhat
(RHSA-2020:1523) Important: rh-maven35-jackson-databind security update
2020-04-21 11:44:53
(RHSA-2020:5625) Moderate: Red Hat Single Sign-On 7.4.0 security update
2020-12-17 16:36:27
(RHSA-2020:3779) Important: Red Hat Data Grid 7.3.7 security update
2020-09-17 13:03:47
nessus
nessus
RHEL 7 : rh-maven35-jackson-databind (RHSA-2020:1523)
2023-01-23 00:00:00
Debian DLA-2179-1 : jackson-databind security update
2020-04-20 00:00:00
Oracle Primavera Unifier Multiple Vulnerabilities (Jul 2020 CPU)
2020-07-15 00:00:00
debian
debian
[SECURITY] [DLA 2179-1] jackson-databind security update
2020-04-17 23:51:40
openvas
openvas
Debian: Security Advisory (DLA-2179-1)
2020-04-18 00:00:00
Mageia: Security Advisory (MGASA-2021-0153)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-4813-1)
2023-01-27 00:00:00
ibm
ibm
mageia
mageia
Updated jackson-databind packages fix security vulnerabilities
2021-03-27 17:27:02
ubuntu
ubuntu
Jackson Databind vulnerabilities
2021-03-15 00:00:00
hp
hp
HP Device Manager Security Updates
2023-10-20 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2021
2021-01-19 00:00:00
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
Oracle Critical Patch Update Advisory - October 2021
2021-10-19 00:00:00