Lucene search
K

87 matches found

OSV
OSV
added 2026/04/17 1:8 p.m.6 views

CLSA-2025-1760018305 jackson-databind: Fix of CVE-2020-36518

CVE-2020-36518: fix denial of service via a large depth of nested objects...

7.5CVSS7AI score0.0486EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/27 6:51 a.m.9 views

Security Bulletin: IBM Engineering Lifecycle Management - Jazz Foundation is impacted by vulnerabilities in FasterXML jackson-databind

Summary Vulnerabilities have been identified in FasterXML jackson-databind, which is used in IBM Engineering Lifecycle Management - Jazz Foundation. Vulnerability Details CVEID:CVE-2022-42003 DESCRIPTION: In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion ca...

7.5CVSS7.3AI score0.17611EPSS
Exploits5Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : jackson (AXSA:2023-5805:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5805:01 advisory. jackson-databind: denial of service via a large depth of nested objects CVE-2020-36518 Tenable has extracted the preceding description block directly from th...

7.5CVSS7.1AI score0.0486EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/13 12:56 p.m.10 views

Security Bulletin: IBM B2B Advanced Communications is affected by multiple vulnerabilities in log4j

Summary IBM B2B Advanced Communications has addressed vulnerabilities in log4j shipped with productCVE-2022-0084 CVE-2020-36518 CVE-2021-37136 CVE-2022-23913 CVE-2022-24785 Vulnerability Details CVEID:CVE-2022-0084 DESCRIPTION: A flaw was found in XNIO, specifically in the notifyReadClosed method...

7.5CVSS7.3AI score0.05664EPSS
Exploits2Affected Software1
OSV
OSV
added 2025/12/04 2:24 p.m.6 views

CLSA-2025-1764858279 jackson-databind: Fix of 2 CVEs

Removed CVE-2020-36518.patch: jackson-databind 2.14.1-1 is not affected - Rebuilt with the CVE-2025-52999: fixed jackson-core version...

8.7CVSS6.8AI score0.0486EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/06/25 12:0 a.m.6 views

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.1.11 on RHEL 7 (RHSA-2025:9582)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:9582 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

7.8CVSS7.2AI score0.06779EPSS
Exploits2References34
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.7 views

Alibaba Cloud Linux 3 : 0150: pki-core:10.6 and pki-deps:10.6 (ALINUX3-SA-2024:0150)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0150 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-36518: jackson-databind before 2.13.0 allo...

7.5CVSS6.8AI score0.0486EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.22 views

Oracle Siebel Server <= 23.5 (July 2023 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2023 CPU advisory. - Vulnerability in the Siebel CRM product of Oracle Siebel CRM component: EAI JSON-java. Supported versions that are affected are 23.5 and prior...

9.8CVSS6.5AI score0.52458EPSS
Exploits12References14
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/14 3:36 p.m.43 views

Security Bulletin: Vulnerability in jackson-databind affects watsonx.data

Summary FasterXML jackson-databind is vulnerable to a denial of service, caused by a Java StackOverflow exception and other causes Vulnerability Details CVEID:CVE-2020-36518 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by a Java StackOverflow exception. By...

7.5CVSS7.6AI score0.17611EPSS
Exploits5Affected Software1
Rockylinux
Rockylinux
added 2024/06/14 1:59 p.m.35 views

pki-core:10.6 and pki-deps:10.6 security update

An update is available for module.slf4j, xerces-j2, javassist, xml-commons-resolver, xml-commons-apis, module.jackson-jaxrs-providers, module.xsom, apache-commons-lang, velocity, module.apache-commons-collections, jackson-core, module.stax-ex, module.jackson-core, pki-core, jackson-jaxrs-provider...

7.5CVSS7.1AI score0.0486EPSS
Exploits1
OSV
OSV
added 2024/06/14 1:59 p.m.32 views

RLSA-2024:3061 Moderate: pki-core:10.6 and pki-deps:10.6 security update

The Public Key Infrastructure PKI Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. Security Fixes: jackson-databind: denial of service via a large depth of nested objects CVE-2020-36518 For more details about the security issues, including th...

7.5CVSS7.5AI score0.0486EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/05/23 12:0 a.m.22 views

RHEL 8 : pki-core:10.6 and pki-deps:10.6 (RHSA-2024:3061)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3061 advisory. The Public Key Infrastructure PKI Core contains fundamental packages required by Red Hat Certificate System. Security Fixes: jackson-databind: denial...

7.5CVSS6.9AI score0.0486EPSS
Exploits1References11
RedHat Linux
RedHat Linux
added 2024/05/22 9:32 a.m.379 views

Moderate: Red Hat Security Advisory: pki-core:10.6 and pki-deps:10.6 security update

An update for the pki-core:10.6 and pki-deps:10.6 modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS6.7AI score0.0486EPSS
Exploits1References8
OSV
OSV
added 2024/05/22 12:0 a.m.37 views

ALSA-2024:3061 Moderate: pki-core:10.6 and pki-deps:10.6 security update

The Public Key Infrastructure PKI Core contains fundamental packages required by AlmaLinux Certificate System. Security Fixes: jackson-databind: denial of service via a large depth of nested objects CVE-2020-36518 For more details about the security issues, including the impact, a CVSS score,...

7.5CVSS7.5AI score0.0486EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/03/18 12:0 a.m.39 views

Mageia: Security Advisory (MGASA-2024-0069)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.2AI score0.0486EPSS
Exploits4References11
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/05 5:50 a.m.45 views

Security Bulletin: Multiple vulnerabilities fixed in IBM Security Verify Governance - Identity Manager software component

Summary Multiple security vulnerabilities have been addressed in IBM Security Verify Governance - Identity Manager software component. Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw...

7.5CVSS7.8AI score0.0486EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/04 7:59 a.m.38 views

Security Bulletin: Multiple vulnerabilities has been identified in FasterXML jackson-databind affect IBM Engineering Lifecycle Optimization - Publishing

Summary A security vulnerability has been identified in FasterXML jackson-databind affect IBM Engineering Lifecycle Optimization - Publishing. Information about a security vulnerability affecting jackson-databind has been published in a security bulletin. Vulnerability Details CVEID:CVE-2021-4687...

7.5CVSS6.8AI score0.0486EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/31 11:38 p.m.49 views

Security Bulletin: There are several vulnerabilities in jackson-databind used by IBM Maximo Asset Management (CVE-2022-42003, CVE-2022-42004, CVE-2020-36518)

Summary There are several vulnerabilities in jackson-databind used by IBM Maximo Asset Management. Vulnerability Details CVEID:CVE-2022-42003 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in the primitive value deserializers when the...

7.5CVSS7.8AI score0.0486EPSS
Exploits4Affected Software11
RedHat Linux
RedHat Linux
added 2023/05/18 9:54 a.m.85 views

Important: Red Hat Security Advisory: Red Hat AMQ Streams 2.4.0 release and security update

Red Hat AMQ Streams 2.4.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.8CVSS6.8AI score0.95302EPSS
Exploits17References17
Tenable Nessus
Tenable Nessus
added 2023/05/15 12:0 a.m.28 views

Oracle Linux 9 : jackson (ELSA-2023-2312)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-2312 advisory. jackson-annotations 2.14.1-1 - Update to version 2.14.1 - Resolves: 2070122 jackson-core 2.14.1-1 - Update to version 2.14.1 - Resolves: 2070122 jackson-databin...

7.5CVSS6.9AI score0.0486EPSS
Exploits1References2
Rows per page
Query Builder