Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2020-36182

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

8.8CVSS6.8AI score0.05018EPSS
Exploits2References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 10:53 p.m.50 views

Security Bulletin: Vulnerabilities in JAR files affect Transparent Cloud Tiering in IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in multiple JAR files affect Transparent Cloud Tiering in IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products. The vulnerabilities are not thought to be exploitable but IBM recommends upgrade for users of Transparent Cloud Tiering...

9.8CVSS9.8AI score0.45205EPSS
Exploits8Affected Software10
SUSE CVE
SUSE CVE
added 2023/02/15 3:50 a.m.9 views

SUSE CVE-2020-36182

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS...

8.8CVSS8AI score0.05018EPSS
Exploits2References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/01 9:46 p.m.85 views

Security Bulletin: Vulnerability in jackson-databind affects IBM Process Mining (Multiple CVEs)

Summary There is a vulnerability in jackson-databind that could allow a local attacker to launch a symlink attack. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2020-36182 DESCRIPTION:...

10CVSS9.1AI score0.45205EPSS
Exploits26Affected Software1
vulnersOsv
vulnersOsv
added 2021/12/09 7:15 p.m.5 views

ai.agnos:reactive-sparql_2.12 (>=0.3.0 <=0.3.1), ai.chronon:aggregator_2.11 (>=0.0.1 <=thread_contention-0.0.23-dev3) +25285 more potentially affected by CVE-2020-36182 via com.fasterxml.jackson.core:jackson-databind (>=2.7.0 <=2.9.10.7)

com.fasterxml.jackson.core:jackson-databind MAVEN version =2.7.0, =0.3.0, =0.0.1, =0.0.6, =0.0.1, =0.0.1, =thread-pool-0.0.24-dev, =local, =local, =0.0.6, =0.0.1, =0.42.1, =0.42.1, =0.40.2, =0.42.1, =0.80.6 and more Source cves: CVE-2020-36182 Source advisory: OSV:GHSA-89QR-369F-5M5X...

8.8CVSS6.7AI score0.05018EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2021/05/06 1:38 p.m.100 views

Important: Red Hat Security Advisory: Openshift Logging Bug Fix Release (5.0.3)

Openshift Logging Bug Fix Release 5.0.3 This release includes a security update. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

10CVSS7.4AI score0.20929EPSS
Exploits15References5
RedHat Linux
RedHat Linux
added 2021/04/27 8:55 a.m.111 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.6.26 security and extras update

Red Hat OpenShift Container Platform release 4.6.26 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a...

10CVSS7.5AI score0.20929EPSS
Exploits15References28
Tenable Nessus
Tenable Nessus
added 2021/04/27 12:0 a.m.75 views

Debian DLA-2638-1 : jackson-databind security update

Multiple security vulnerabilities were found in Jackson Databind. CVE-2020-24616 FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource aka Anteros-DBCP. CVE-2020-24750 FasterXML...

8.8CVSS7AI score0.20929EPSS
Exploits16References20
Debian
Debian
added 2021/04/24 8:50 p.m.108 views

[SECURITY] [DLA 2638-1] jackson-databind security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2638-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta April 25, 2021 https://wiki.debian.org/LTS -...

8.8CVSS8.9AI score0.20929EPSS
Exploits16
GithubExploit
GithubExploit
added 2021/01/10 6:47 a.m.214 views

Exploit for Deserialization of Untrusted Data in Netapp Cloud_Backup

Description CVE-2020-36179: FasterXML jackson-databind 2.x be...

8.8CVSS8.2AI score0.20929EPSS
Exploits5
UbuntuCve
UbuntuCve
added 2021/01/07 12:15 a.m.30 views

CVE-2020-36182

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS...

8.8CVSS6.9AI score0.05018EPSS
Exploits2References3
CVE
CVE
added 2021/01/06 10:30 p.m.291 views

CVE-2020-36182

CVE-2020-36182 affects FasterXML jackson-databind 2.x before 2.9.10.8, due to mishandling of serialization gadgets and typing involving DriverAdapterCPDS (org.apache.tomcat.dbcp.dbcp2.cpdsadapter). Do not speculate on exploitability beyond what is stated; some sources (e.g., Debian LTS advisory) ...

8.8CVSS7.7AI score0.05018EPSS
Exploits2References10Affected Software1
Debian CVE
Debian CVE
added 2021/01/06 10:30 p.m.32 views

CVE-2020-36182

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS...

8.8CVSS8.1AI score0.05018EPSS
Exploits2
Rows per page
Query Builder