Lucene search

K
redhatcveRedhat.comRH:CVE-2020-8840
HistoryJul 18, 2021 - 12:41 a.m.

CVE-2020-8840

2021-07-1800:41:10
redhat.com
access.redhat.com
140
fasterxml
jackson-databind
deserialization

EPSS

0.03

Percentile

91.0%

A flaw was found in FasterXML jackson-databind in versions 2.0.0 through 2.9.10.2. A “gadget” exploit is possible due to a lack of a Java object being blocking from being deserialized. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.