18 matches found
Astra Linux - уязвимость в jackson-databind
FasterXML Jackson-Databind 2.x versions before 2.9.10.8 mishandle the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS...
Astra Linux – Vulnerability in Jackson-Databind
FasterXML Jackson-Databind 2.x versions before 2.9.10.8 mishandle the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS...
Astra Linux – Vulnerability in Jackson-Databind
FasterXML Jackson-Databind 2.x versions before 2.9.10.8 mishandle the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS...
EUVD-2021-2504
Malware in sbrugna...
EUVD-2021-2482
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-36179
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...
Linux Distros Unpatched Vulnerability : CVE-2020-36181
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...
SUSE CVE-2020-36180
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS...
GHSA-89QR-369F-5M5X Unsafe Deserialization in jackson-databind
FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS...
The vulnerability of the org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS component from the Jackson-databind library in the FasterXML project allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS component in the Jackson-databind library of the FasterXML project is related to the restoration of unreliable data in memory. Exploiting this vulnerability may allow an attacker to compromise the confidentiality,...
The vulnerability of the org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS component from the Jackson-databind library in the FasterXML project allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS component in the Jackson-databind library of the FasterXML project is related to the restoration of unreliable data in memory. Exploiting this vulnerability may allow an attacker to compromise the confidentiality,...
The vulnerability of the org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS component in the Jackson-databind library of the FasterXML project allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS component in the Jackson-databind library of the FasterXML project is related to the restoration of unreliable data in memory. Exploiting this vulnerability may allow an attacker to compromise the confidentiality,...
The vulnerability of the oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS component in the Jackson-databind library of the FasterXML project allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS component in the Jackson-databind library of the FasterXML project is related to the restoration of unreliable data in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentialit...
Arbitrary Code Execution
jackson-databind is vulnerable to remote code execution RCE. The vulnerability exists through the lack of sanitization of the org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS class through deserialization...
CVE-2020-36182
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS...
CVE-2020-36179
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS...
Design/Logic Flaw
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS...
CVE-2020-36179
CVE-2020-36179 affects FasterXML Jackson Databind (2.x) prior to 2.9.10.8, where the interaction between serialization gadgets and typing (notably involving DriverAdapterCPDS variants) is mishandled. Several connected advisories corroborate an insecure-deserialization pattern that can be triggere...