13 matches found
ROOT-APP-MAVEN-CVE-2020-36189 CVE-2020-36189 in io.root.com.fasterxml.jackson.core:jackson-databind - Patched by Root
Root has patched CVE-2020-36189 in the io.root.com.fasterxml.jackson.core:jackson-databind package for Root:Maven. Multiple fixed versions available...
Linux Distros Unpatched Vulnerability : CVE-2020-36189
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...
ai.agnos:reactive-sparql_2.12 (>=0.3.0 <=0.3.1), ai.chronon:aggregator_2.11 (>=0.0.1 <=thread_contention-0.0.23-dev3) +25285 more potentially affected by CVE-2020-36189 via com.fasterxml.jackson.core:jackson-databind (>=2.7.0 <=2.9.10.7)
com.fasterxml.jackson.core:jackson-databind MAVEN version =2.7.0, =0.3.0, =0.0.1, =0.0.6, =0.0.1, =0.0.1, =thread-pool-0.0.24-dev, =local, =local, =0.0.6, =0.0.1, =0.42.1, =0.42.1, =0.40.2, =0.42.1, =0.80.6 and more Source cves: CVE-2020-36189 Source advisory: OSV:GHSA-VFQX-33QM-G869...
Oracle Primavera Gateway (Jul 2021 CPU)
The 17.12.11, 18.8.11, 19.12.10, and 20.12.0 versions of Primavera Gateway installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2021 CPU advisory. - Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering component: Admin...
Important: Red Hat Security Advisory: Openshift Logging Bug Fix Release (5.0.3)
Openshift Logging Bug Fix Release 5.0.3 This release includes a security update. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.6.26 security and extras update
Red Hat OpenShift Container Platform release 4.6.26 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a...
Debian DLA-2638-1 : jackson-databind security update
Multiple security vulnerabilities were found in Jackson Databind. CVE-2020-24616 FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource aka Anteros-DBCP. CVE-2020-24750 FasterXML...
Security Bulletin: jackson-databind vulnerabilities CVE-2020-36185/36181/36189/36188/36184/36180 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0
Summary Jackson-databind vulnerabilities CVE-2020-36185, CVE-2020-36181, CVE-2020-36189, CVE-2020-36188, CVE-2020-36184, CVE-2020-36180, CVE-2020-36183, CVE-2020-36179, CVE-2020-36187, CVE-2020-36186, CVE-2020-36182 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer...
DEBIAN-CVE-2020-36189
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource...
CVE-2020-36189
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource...
CVE-2020-36189
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource...
UBUNTU-CVE-2020-36189
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource...
CVE-2020-36189
CVE-2020-36189 affects FasterXML jackson-databind 2.x before 2.9.10.8. The issue is a deserialization/serialization typing interaction with gadgets (e.g., logback, MySQL/commons proxies) that can lead to arbitrary code execution, data exfiltration or integrity/availability impacts as described in...