Lucene search
K

13 matches found

GithubExploit
GithubExploit
added 2022/04/20 12:26 p.m.384 views

Exploit for Deserialization of Untrusted Data in Sernet Verinice

CVE-2021-36981 Verinice.Pro 1.22.1 Unsafe Java deserialization...

9CVSS9.2AI score0.06049EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2020/06/15 4:13 p.m.12 views

jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the c3p0 gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS ...

9.8CVSS7.3AI score0.37925EPSS
Exploits7References5
RedHat Linux
RedHat Linux
added 2018/10/17 7:28 p.m.7 views

jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the c3p0 gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS ...

9.8CVSS7.3AI score0.37925EPSS
Exploits7References5
RedHat Linux
RedHat Linux
added 2018/06/28 7:27 a.m.4 views

jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the c3p0 gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS ...

9.8CVSS7.3AI score0.37925EPSS
Exploits7References5
RedHat Linux
RedHat Linux
added 2018/06/27 3:3 p.m.6 views

jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the c3p0 gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS ...

9.8CVSS7.3AI score0.37925EPSS
Exploits7References5
RedHat Linux
RedHat Linux
added 2018/06/27 3:3 p.m.7 views

jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the c3p0 gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS ...

9.8CVSS7.3AI score0.37925EPSS
Exploits7References5
RedHat Linux
RedHat Linux
added 2018/06/27 2:35 p.m.2 views

jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the c3p0 gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS ...

9.8CVSS7.3AI score0.37925EPSS
Exploits7References5
RedHat Linux
RedHat Linux
added 2018/06/04 11:15 a.m.4 views

jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the c3p0 gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS ...

9.8CVSS7.3AI score0.37925EPSS
Exploits7References5
RedHat Linux
RedHat Linux
added 2018/05/14 8:51 p.m.3 views

jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the c3p0 gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS ...

9.8CVSS7.3AI score0.37925EPSS
Exploits7References5
RedHat Linux
RedHat Linux
added 2018/05/14 8:36 p.m.10 views

jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the c3p0 gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS ...

9.8CVSS7.3AI score0.37925EPSS
Exploits7References5
RedHat Linux
RedHat Linux
added 2018/05/14 8:36 p.m.3 views

jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the c3p0 gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS ...

9.8CVSS7.3AI score0.37925EPSS
Exploits7References5
RedHat Linux
RedHat Linux
added 2018/05/14 8:36 p.m.9 views

jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the c3p0 gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS ...

9.8CVSS7.3AI score0.37925EPSS
Exploits7References5
RedHat Linux
RedHat Linux
added 2018/05/14 8:15 p.m.3 views

jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the c3p0 gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS ...

9.8CVSS7.3AI score0.37925EPSS
Exploits7References5
Rows per page
Query Builder