CVE-2019-0195

Manipulating classpath asset file URLs, an attacker could guess the path to a known file in the classpath and have it downloaded. If the attacker found the file with the value of the tapestry.hmac-passphrase configuration symbol, most probably the webapp's AppModule class, the value of this symbo...

CVE-2019-0195

Manipulating classpath asset file URLs, an attacker could guess the path to a known file in the classpath and have it downloaded. If the attacker found the file with the value of the tapestry.hmac-passphrase configuration symbol, most probably the webapp's AppModule class, the value of this symbo...

Deserialization of untrusted data

Manipulating classpath asset file URLs, an attacker could guess the path to a known file in the classpath and have it downloaded. If the attacker found the file with the value of the tapestry.hmac-passphrase configuration symbol, most probably the webapp's AppModule class, the value of this symbo...

CVE-2019-0195

Manipulating classpath asset file URLs, an attacker could guess the path to a known file in the classpath and have it downloaded. If the attacker found the file with the value of the tapestry.hmac-passphrase configuration symbol, most probably the webapp's AppModule class, the value of this symbo...

CVE-2019-0195

CVE-2019-0195 describes a vulnerability in Apache Tapestry where an attacker can manipulate classpath asset file URLs to download known classpath files. If the attacker obtains the value of the tapestry.hmac-passphrase (likely from AppModule), this can be used to craft a Java deserialization atta...

Deserialization of untrusted data in FasterXML jackson-databind

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2, 2.8.11.4, 2.7.9.6, and 2.6.7.3. This occurs when Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint and the service has the logback jar in the...

DEBIAN-CVE-2019-14439

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint and the service has the logback jar in the classpath...

UBUNTU-CVE-2019-14439

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint and the service has the logback jar in the classpath...

PT-2019-3790 · Qos.Ch +3 · Logback +3

Name of the Vulnerable Software and Affected Versions: jackson-databind versions 2.x before 2.9.9.2 jackson-databind versions 2.8.x before 2.8.11.4 jackson-databind versions 2.7.x before 2.7.9.6 jackson-databind versions 2.6.x before 2.6.7.3 Description: The issue is related to a Polymorphic Typi...

Deserialization of Untrusted Data in FasterXML jackson-databind

FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on the classpath content, remote code execution may be possible...

UBUNTU-CVE-2019-12814

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. When Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint and the service has JDOM 1.x or 2.x jar in the classpath, an attacker can send a specificall...

CVE-2019-12814

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. When Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint and the service has JDOM 1.x or 2.x jar in the classpath, an attacker can send a specificall...

UBUNTU-CVE-2018-12023

An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled either globally or for a specific property, the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service to access, it is possible to ma...

Security update for java-11-openjdk (important)

openSUSE Security Update: Security update for java-11-openjdk Announcement ID: openSUSE-SU-2019:0161-1 Rating: important References: 1120431 1122293 1122299 Cross-References: CVE-2018-11212 CVE-2019-2422 CVE-2019-2426 Affected Products: openSUSE Leap 15.0 An update that fixes three vulnerabilitie...

GHSA-CGGJ-FVV3-CQWV FasterXML jackson-databind allows unauthenticated remote code execution

FasterXML jackson-databind before before 2.6.7.5, 2.7.x before 2.7.9.3, 2.8.x before 2.8.11.1, and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input...

CVE-2017-2650

It was found that the use of Pipeline: Classpath Step Jenkins plugin enables a bypass of the Script Security sandbox for users with SCM commit access, as well as users with e.g. Job/Configure permission in Jenkins...

CVE-2017-2650

The CVE-2017-2650 entry concerns the Jenkins Pipeline: Classpath Step plugin, where the Script Security sandbox can be bypassed. The issue affects Jenkins environments using this plugin, enabling users with SCM commit access or with permissions such as Job/Configure to bypass sandbox restrictions...

Directory Traversal

Play Assets Controller is affected by a path traversal vulnerability. The application incorrectly handles file paths, making it possible to access files on the classpath that are stored outside of the public folder. This vulnerability only affects the application running on Windows...

Arbitrary Code Execution

ignite-core is vulnerable to arbitrary code execution. Ignite does not restrict the classes used within deserialization which allows attackers to execute code within classes present on the classpath...

Design/Logic Flaw

IBM Data Server Driver for JDBC and SQLJ IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 deserializes the contents of /tmp/connlicj.bin which leads to object injection and potentially arbitrary code execution depending on the classpath. IBM X-Force ID: 133999...