Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-3473

Malicious code in bioql PyPI...

9.8CVSS8AI score0.05175EPSS
Exploits0References23
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/20 7:23 a.m.47 views

Security Bulletin: IBM B2B Advanced Communications is vulnerable to denial of service due to FasterXML jackson-databind (CVE-2018-1000873)

Summary IBM B2B Advanced Communications has addressed vulnerabilities in FasterXML jackson-databind shipped with product. Vulnerability Details CVEID:CVE-2018-1000873 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by improper input validation by the nanosecon...

6.5CVSS7.9AI score0.04758EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/06 12:30 p.m.97 views

Security Bulletin: IBM Security Guardium Insights is affected by Components with known vulnerabilities

Summary IBM Security Guardium Insights has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2017-15095 DESCRIPTION: Jackson Library could allow a remote attacker to execute arbitrary code on the system, caused by a deserialization flaw in the readValue method of the...

10CVSS1.3AI score0.49727EPSS
Exploits13Affected Software1
RedHat Linux
RedHat Linux
added 2020/12/16 12:11 p.m.179 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.8.0 release and security update

A minor version update from 7.7 to 7.8 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

9.8CVSS8AI score0.95586EPSS
Exploits12References39
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/29 3:44 p.m.36 views

Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerabilities

Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerabilities. Jackson-databind-2.8.11.2 library has known vulnerabilities in IBM Identity Governance and Intelligence. Vulnerability Details CVEID: CVE-2018-1000873 DESCRIPTION...

10CVSS1.5AI score0.45205EPSS
Exploits6Affected Software1
RedhatCVE
RedhatCVE
added 2020/02/24 7:31 a.m.56 views

CVE-2018-1000873

Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service DoS. This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the...

6.5CVSS5.3AI score0.04758EPSS
Exploits1References2
NVD
NVD
added 2019/10/01 3:15 p.m.42 views

CVE-2019-10202

A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EAP 7. This CVE fixes CVE-2017-17485, CVE-2017-7525, CVE-2017-15095, CVE-2018-5968, CVE-2018-7489, CVE-2018-1000873, CVE-2019-12086 reported for FasterXML jackson-databind by implementing a whitelist...

9.8CVSS8.9AI score0.05175EPSS
Exploits0References9
Prion
Prion
added 2019/10/01 3:15 p.m.43 views

Deserialization of untrusted data

A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EAP 7. This CVE fixes CVE-2017-17485, CVE-2017-7525, CVE-2017-15095, CVE-2018-5968, CVE-2018-7489, CVE-2018-1000873, CVE-2019-12086 reported for FasterXML jackson-databind by implementing a whitelist...

7.5CVSS8.8AI score0.49727EPSS
Exploits10References9Affected Software1
OpenVAS
OpenVAS
added 2019/05/07 12:0 a.m.85 views

Fedora Update for eclipse-linuxtools FEDORA-2019-df57551f6d

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

10CVSS8.7AI score0.12679EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2019/05/07 12:0 a.m.84 views

Fedora Update for bouncycastle FEDORA-2019-df57551f6d

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

10CVSS8.7AI score0.12679EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2019/03/05 9:30 a.m.41 views

Security Bulletin: Multiple vulnerabilities have been identified in FasterXML Jackson library shipped with IBM Tivoli Netcool/OMNIbus Common Integration Libraries (CVE-2018-19360, CVE-2018-19361, CVE-2018-19362, CVE-2018-1000873)

Summary FasterXML Jackson library is shipped as a component of IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library and Transformer for Message Bus Integration. Information about security vulnerabilities affecting FasterXML Jackson library has been published. The Netcool/OMNIbus...

9.8CVSS1.1AI score0.10599EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/02/19 12:0 a.m.77 views

Fedora 29 : bouncycastle / eclipse-jgit / eclipse-linuxtools / etc (2019-df57551f6d)

Fixes CVE-2018-14718 CVE-2018-14719 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and CVE-2016-7051. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable...

10CVSS7.2AI score0.12679EPSS
Exploits1References12
NVD
NVD
added 2018/12/20 5:29 p.m.31 views

CVE-2018-1000873

Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service DoS. This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the...

6.5CVSS7.1AI score0.04758EPSS
Exploits1References14
CVE
CVE
added 2018/12/20 5:0 p.m.252 views

CVE-2018-1000873

CVE-2018-1000873 : A CWE-20 DoS vulnerability in Fasterxml Jackson, specifically in jackson-modules-java8 prior to 2.9.8, allows an attacker to trigger denial of service by deserializing malicious input (notably very large values in the nanoseconds field of a time value). The issue is fixed in 2....

6.5CVSS7.7AI score0.04758EPSS
Exploits1References14Affected Software1
Rows per page
Query Builder