CVE-2020-14061

🗓️ 19 Jun 2020 12:05:25Reported by redhat.comType

A flaw in jackson-databind 2.x prior to 2.9.10.5 mishandles serialization gadgets and typing, posing a threat to data confidentiality, integrity, and system availability

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 74
OSV	CVE-2020-14061	14 Jun 202020:15	–	osv
OSV	GHSA-C2Q3-4QRH-FM48 Deserialization of untrusted data in Jackson Databind	18 Jun 202014:44	–	osv
OSV	UBUNTU-CVE-2020-14061	14 Jun 202020:15	–	osv
OSV	DLA-2270-1 jackson-databind - security update	1 Jul 202000:00	–	osv
OSV	RHBA-2020:1494 Red Hat Bug Fix Advisory: Satellite 6.6.3 Async Bug Fix Update	13 Sep 202422:39	–	osv
OSV	RHBA-2020:3255 Red Hat Bug Fix Advisory: Satellite 6.7.2 Async Bug Fix Update	13 Sep 202422:40	–	osv
OSV	RHSA-2020:4366 Red Hat Security Advisory: Satellite 6.8 release	27 Sep 202415:12	–	osv
OSV	MGASA-2021-0153 Updated jackson-databind packages fix security vulnerabilities	27 Mar 202114:27	–	osv
OSV	USN-4813-1 jackson-databind vulnerabilities	15 Mar 202121:47	–	osv
CVE	CVE-2020-14061	14 Jun 202020:15	–	cve

Source	Link
cve	www.cve.org/CVERecord
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-14061
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

19 Jun 2020 12:25Current

2.6Low risk

Vulners AI Score2.6

EPSS0.06656