CVE-2025-11307

The WP Go Maps formerly WP Google Maps WordPress plugin before 9.0.48 does not sanitize user input provided via an AJAX action, allowing unauthenticated users to store XSS payloads which are later retrieved from another AJAX call and output unescaped...

Security Bulletin: Vulnerabilities in jackson-databind affect IBM watsonx.data

Summary FasterXML jackson-databind has multiple vulnerabilities including the possibility of remote attackers executing arbitrary code on the system. These can affect IBM watsonx.data. Vulnerability Details CVEID:CVE-2017-15095 DESCRIPTION: Jackson Library could allow a remote attacker to execute...

Ubuntu 16.04 ESM : Jackson Databind vulnerabilities (USN-4813-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4813-1 advisory. It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could possibly use this issue to obtain sensitive information...

Security Bulletin: IBM Security Guardium Insights is affected by Components with known vulnerabilities

Summary IBM Security Guardium Insights has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2017-15095 DESCRIPTION: Jackson Library could allow a remote attacker to execute arbitrary code on the system, caused by a deserialization flaw in the readValue method of the...

CVE-2020-11307

creationtimestamp| type| source ---|---|--- 2021-07-13 12:19:03+00:00| seen| https://t.me/cibsecurity/26088...

USN-4813-1: Jackson Databind vulnerabilities

It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could possibly use this issue to obtain sensitive information. CVE-2018-11307, CVE-2019-12086, CVE-2019-12814 It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could...

CVE-2019-11307

CVE-2019-11307 entry is rejected/not used per the Initial Description.

Important: Red Hat Security Advisory: Red Hat Fuse 7.5.0 security update

A minor version update from 7.4 to 7.5 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

Important: Red Hat Security Advisory: OpenShift Container Platform logging-elasticsearch5-container security update

An update for logging-elasticsearch5-container is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: Red Hat Security Advisory: Red Hat JBoss Data Virtualization 6.4.8 security update

An update is now available for Red Hat JBoss Data Virtualization. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

Important: Red Hat Security Advisory: Red Hat FIS 2.0 on Fuse 6.3.0 R13 security and bug fix update

An update is now available for Red Hat Fuse Integration Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

Important: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R13 security and bug fix update

An update is now available for Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: Red Hat Decision Manager 7.4.0 Security Update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links i...

Important: Red Hat Security Advisory: Red Hat Process Automation Manager 7.4.0 Security Update

An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

aero.champ:cargojson (=1.0), ai.chronon:aggregator_2.11 (>=0.0.1 <=thread_contention-0.0.23-dev3) +16342 more potentially affected by CVE-2017-7525 +1 more via com.fasterxml.jackson.core:jackson-databind (>=2.9.0 <=2.9.5)

com.fasterxml.jackson.core:jackson-databind MAVEN version =2.9.0, =0.0.1, =0.0.6, =0.0.1, =local, =0.0.6, =0.0.1, =0.0.1, =0.0.6, =0.0.1, =1.3.0, =1.4.3 - ai.grakn:grakn-bootup =v1.1.0-226-g847ecff2d8e26f249422247d7665fe15f07b1744 and more Source cves: CVE-2017-7525, CVE-2018-11307 Source advisor...

ai.snips:play-mongo-bson_2.12 (>=0.5 <=0.5.1), al.bluecryst:bluecrystal (>=2.3.0 <=2.3.4) +5075 more potentially affected by CVE-2017-7525 +1 more via com.fasterxml.jackson.core:jackson-databind (>=2.8.0 <=2.8.11.1)

com.fasterxml.jackson.core:jackson-databind MAVEN version =2.8.0, =0.5, =2.3.0, =1.5.6, =4.2.1, =4.4.1, =1.0.0.RELEASE, =2.5.0-beta.0, =3.5.4-rc.0, =3.5.9, =3.5.9, =3.5.15, =3.5.15, =3.5.21 and more Source cves: CVE-2017-7525, CVE-2018-11307 Source advisory: OSV:GHSA-QR7J-H6GG-JMGC...

CVE-2018-11307

creationtimestamp| type| source ---|---|--- 2019-07-09 20:35:45+00:00| seen| https://t.me/cibsecurity/5420...

CVE-2018-11307

An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6...

CVE-2018-11307

CVE-2018-11307 concerns a deserialization issue in FasterXML Jackson-databind from 2.0.0 to 2.9.5 that enables content exfiltration when using Jackson default typing with an iBatis gadget class. Affected: jackson-databind components in these versions. Impact: potential exposure of serialized cont...

CVE-2018-11307

An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6...