Lucene search
K

18 matches found

OSV
OSV
added 2026/06/17 12:17 p.m.5 views

ROOT-APP-MAVEN-CVE-2020-14062 CVE-2020-14062 in io.root.com.fasterxml.jackson.core:jackson-databind - Patched by Root

Root has patched CVE-2020-14062 in the io.root.com.fasterxml.jackson.core:jackson-databind package for Root:Maven. Multiple fixed versions available...

8.1CVSS5.2AI score0.08072EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2020-14062

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to...

8.1CVSS7AI score0.08072EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.34 views

Mageia: Security Advisory (MGASA-2021-0153)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.45205EPSS
Exploits10References17
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/22 5:30 a.m.57 views

Security Bulletin: Series of vulnerabilities in FasterXML jackson-databind affect Apache Solr shipped with IBM Operations Analytics - Log Analysis

Summary There are series of Deserialization of Untrusted Data vulnerabilities and Input Validation vulnerability in various versions of FasterXML jackson-databind that affect Apache Solr. The vulnerabilities are in Vulnerability Details section. Vulnerability Details CVEID: CVE-2020-11620...

9.8CVSS2AI score0.26587EPSS
Exploits5Affected Software1
Ubuntu
Ubuntu
added 2021/03/15 9:47 p.m.80 views

USN-4813-1: Jackson Databind vulnerabilities

It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could possibly use this issue to obtain sensitive information. CVE-2018-11307, CVE-2019-12086, CVE-2019-12814 It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could...

10CVSS7.4AI score0.45205EPSS
Exploits10
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/14 12:51 p.m.31 views

Security Bulletin: Netcool Operations Insight component IBM Network Performance Insight 1.3.1 affected by CVE-2020-14062

Summary Netcool Operations Insight component IBM Network Performance Insight 1.3.1 affected by CVE-2020-14062 Vulnerability Details CVEID: CVE-2020-14062 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe...

8.1CVSS1.6AI score0.08072EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/08/11 12:0 a.m.52 views

FreeBSD : puppetdb -- Multiple vulnerabilities (10e3ed8a-db7f-11ea-8bdf-643150d3111d)

Puppetlabs reports : In June 2020, jackson-databind published security updates addressing several CVEs. Previous releases of PuppetDB contain a vulnerable version of jackson.core:jackson-databind. PuppetDB 5.2.18 contains an updated version of jackson-databind that has patched the vulnerabilities...

9.8CVSS7.2AI score0.18345EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2020/07/29 6:21 a.m.93 views

Important: Red Hat Security Advisory: Red Hat Process Automation Manager 7.8.0 Security Update

An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

9.8CVSS7.5AI score0.87806EPSS
Exploits11References35
RedHat Linux
RedHat Linux
added 2020/07/29 6:6 a.m.98 views

Important: Red Hat Security Advisory: Red Hat Decision Manager 7.8.0 Security Update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

9.8CVSS7.4AI score0.87806EPSS
Exploits10References34
RedHat Linux
RedHat Linux
added 2020/07/28 3:54 p.m.117 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.7.0 release and security update

A minor version update from 7.6 to 7.7 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

10CVSS7.2AI score0.58373EPSS
Exploits16References50
Tenable Nessus
Tenable Nessus
added 2020/07/02 12:0 a.m.54 views

Debian DLA-2270-1 : jackson-databind security update

There were several CVEs reported against src:jackson-databind, which are as follows : CVE-2020-14060 FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool aka apache/drill...

8.1CVSS7.2AI score0.08607EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2020/07/02 12:0 a.m.32 views

Debian: Security Advisory (DLA-2270-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.3AI score0.08607EPSS
Exploits0References3
Debian
Debian
added 2020/07/01 12:28 p.m.56 views

[SECURITY] [DLA 2270-1] jackson-databind security update

Package : jackson-databind Version : 2.4.2-2+deb8u15 CVE ID : CVE-2020-14060 CVE-2020-14061 CVE-2020-14062 CVE-2020-14195 There were several CVEs reported against src:jackson-databind, which are as follows: CVE-2020-14060 FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction...

8.1CVSS8.6AI score0.08607EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2020/06/18 2:44 p.m.6 views

ai.chronon:aggregator_2.11 (>=0.0.1 <=thread_contention-0.0.23-dev3), ai.chronon:aggregator_2.12 (>=0.0.6 <=thread_contention-0.0.23-dev3) +9465 more potentially affected by CVE-2020-14062 via com.fasterxml.jackson.core:jackson-databind (>=2.9.0 <=2.9.10.4)

com.fasterxml.jackson.core:jackson-databind MAVEN version =2.9.0, =0.0.1, =0.0.6, =0.0.1, =0.0.1, =thread-pool-0.0.24-dev, =local, =local, =0.0.6, =0.0.1, =threadcontention-0.0.23-dev3 - ai.genauth:genauth-java-sdk =3.1.11 - ai.ylyue:yue-library-auth-client =2.1.0 -...

8.1CVSS6.7AI score0.08072EPSS
Exploits0
Chainguard
Chainguard
added 2020/06/14 8:15 p.m.9 views

CVE-2020-14062 vulnerabilities

Vulnerabilities for packages: hive...

8.1CVSS9.6AI score0.08072EPSS
Exploits0
OSV
OSV
added 2020/06/14 8:15 p.m.24 views

CVE-2020-14062

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool aka xalan2...

8.1CVSS6.5AI score
Exploits0References9
UbuntuCve
UbuntuCve
added 2020/06/14 8:15 p.m.37 views

CVE-2020-14062

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool aka xalan2...

8.1CVSS6.8AI score0.08072EPSS
Exploits0References4
CVE
CVE
added 2020/06/14 7:42 p.m.448 views

CVE-2020-14062

CVE-2020-14062 affects jackson-databind 2.x prior to 2.9.10.5, where interaction between serialization gadgets and typing (related to JNDIConnectionPool) can lead to deserialization abuse with high impact. IBM/X-Force entries consolidate this as a 9.8/3.0 vulnerability. In the connected IBM bulle...

8.1CVSS8.6AI score0.08072EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder