9 matches found
Unsafe Deserialization in jackson-databind
FasterXML jackson-databind 2.x before 2.9.10.8 an 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource...
GHSA-VFQX-33QM-G869 Unsafe Deserialization in jackson-databind
FasterXML jackson-databind 2.x before 2.9.10.8 an 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource...
GHSA-F9XH-2QGP-CQ57 Unsafe Deserialization in jackson-databind
FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource...
Unsafe Deserialization in jackson-databind
FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS...
Unsafe Deserialization in jackson-databind
FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS...
GHSA-QJW2-HR98-QGFH Unsafe Deserialization in jackson-databind
FasterXML jackson-databind 2.x before 2.6.7.5 and from 2.7.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration...
PT-2021-7983 · Unknown +3 · Jackson-Databind +3
Name of the Vulnerable Software and Affected Versions: jackson-databind versions prior to 2.9.10.7 jackson-databind versions prior to 2.6.7.5 Description: The issue is related to the jackson-databind library's handling of serialization gadgets and typing, which can lead to the restoration of...
PT-2021-3162 · Fasterxml +3 · Jackson-Databind +3
Name of the Vulnerable Software and Affected Versions: FasterXML jackson-databind versions 2.x before 2.9.10.8 FasterXML jackson-databind versions 2.6.x before 2.6.7.5 Description: The issue is related to the interaction between serialization gadgets and typing, specifically with the...
PT-2021-3169 · Apache +3 · Apache Tomcat +3
Name of the Vulnerable Software and Affected Versions: FasterXML jackson-databind versions 2.0.0 through 2.9.10.7 FasterXML jackson-databind versions 2.6.0 through 2.6.7.4 Description: The issue is related to the interaction between serialization gadgets and typing, specifically with the...