Lucene search
K

31 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2018-14720

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity XXE attacks by leveraging failure to block unspecified JDK...

9.8CVSS8AI score0.07524EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.54 views

Ubuntu 16.04 ESM : Jackson Databind vulnerabilities (USN-4813-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4813-1 advisory. It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could possibly use this issue to obtain sensitive information...

10CVSS7.8AI score0.45205EPSS
Exploits10References40
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/09 2:52 p.m.40 views

Security Bulletin: B2B API of IBM Sterling B2B Integrator is vulnerable to multiple issues due to FasterXML jackson-databind

Summary IBM Sterling B2B Integrator has addressed the security vulnerabilities in jackson-databind in B2B API. Vulnerability Details CVEID:CVE-2019-20330 DESCRIPTION: A lacking of certain net.sf.ehcache blocking in FasterXML jackson-databind has an unknown impact and attack vector. CVSS Base scor...

9.8CVSS9.8AI score0.45205EPSS
Exploits8Affected Software1
RedHat Linux
RedHat Linux
added 2021/04/27 8:55 a.m.110 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.6.26 security and extras update

Red Hat OpenShift Container Platform release 4.6.26 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a...

10CVSS7.5AI score0.20929EPSS
Exploits15References28
IBM Security Bulletins
IBM Security Bulletins
added 2021/03/02 3:42 p.m.28 views

Security Bulletin: Android Mobile SDK compile builder includes vulnerable components

Summary A third party JSON parser that Android Mobile SDK uses include vulnerable components. The JSON parser is included in the compile builder provided to customers to compile their Mobile SDK manifest. It is not included within customer apps. Vulnerability Details CVEID: CVE-2018-7489...

9.8CVSS1.6AI score0.20135EPSS
Exploits1Affected Software1
Atlassian
Atlassian
added 2020/09/23 9:5 p.m.54 views

JSW Server not vulnerable to an Insecure Deserialization issue in Jackson Databind - CVE-2018-14720

Scanners may falsely flag some versions of Jira Software Server before 8.5.5 as vulnerable to an Insecure Deserialization issue in Jackson Databind CVE-2018-14720. This vulnerability in a transitive dependency was being flagged because Jira Software assumed the version of applinks provided by Jir...

9.8CVSS3.7AI score0.07524EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/07 5:41 p.m.58 views

Security Bulletin: Third party vulnerable library Jackson-Databind affects IBM Engineering Lifecycle Optimization - Publishing

Summary There are some vulnerabilities in the Jackson-Databind library that affects IBM Engineering Lifecycle Optimization - Publishing Vulnerability Details CVEID: CVE-2018-7489 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused ...

10CVSS1AI score0.49727EPSS
Exploits4Affected Software1
RedHat Linux
RedHat Linux
added 2020/06/15 4:18 p.m.68 views

Important: Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 16 security update

This is a security update for JBoss EAP Continuous Delivery 16.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

10CVSS7.7AI score0.12679EPSS
Exploits0References8
IBM Security Bulletins
IBM Security Bulletins
added 2020/05/29 3:44 p.m.36 views

Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerabilities

Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerabilities. Jackson-databind-2.8.11.2 library has known vulnerabilities in IBM Identity Governance and Intelligence. Vulnerability Details CVEID: CVE-2018-1000873 DESCRIPTION...

10CVSS1.5AI score0.45205EPSS
Exploits6Affected Software1
RedhatCVE
RedhatCVE
added 2020/04/09 12:16 p.m.33 views

CVE-2018-14720

FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity XXE attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization. Mitigation The following conditions are needed for an exploit, we recommend avoiding all if possibl...

9.8CVSS5AI score0.07524EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2019/11/14 9:17 p.m.144 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.5.0 security update

A minor version update from 7.4 to 7.5 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

10CVSS7.9AI score0.94774EPSS
Exploits20References30
RedHat Linux
RedHat Linux
added 2019/10/18 7:52 p.m.176 views

Important: Red Hat Security Advisory: OpenShift Container Platform logging-elasticsearch5-container security update

An update for logging-elasticsearch5-container is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

10CVSS7.5AI score0.49727EPSS
Exploits10References21
OpenVAS
OpenVAS
added 2019/09/23 12:0 a.m.52 views

Fedora Update for jackson-databind FEDORA-2019-fb23eccc03

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

10CVSS8.5AI score0.45205EPSS
Exploits4References2
RedHat Linux
RedHat Linux
added 2019/07/22 2:53 p.m.153 views

Important: Red Hat Security Advisory: Red Hat Decision Manager 7.4.0 Security Update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links i...

10CVSS7.6AI score0.94774EPSS
Exploits9References14
RedHat Linux
RedHat Linux
added 2019/07/22 2:53 p.m.108 views

Important: Red Hat Security Advisory: Red Hat Process Automation Manager 7.4.0 Security Update

An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

10CVSS7.6AI score0.94774EPSS
Exploits9References14
Tenable Nessus
Tenable Nessus
added 2019/05/28 12:0 a.m.58 views

Debian DSA-4452-1 : jackson-databind - security update

Multiple security issues were found in jackson-databind, a Java library to parse JSON and other data formats which could result in information disclosure or the execution of arbitrary code. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

10CVSS7.6AI score0.21949EPSS
Exploits2References14
Debian
Debian
added 2019/05/24 9:4 p.m.286 views

[SECURITY] [DSA 4452-1] jackson-databind security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4452-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 24, 2019 https://www.debian.org/security/faq -...

10CVSS10AI score0.21949EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2019/05/13 12:0 a.m.39 views

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.2.1 on RHEL 7 (RHSA-2019:1108)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1108 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on JBoss Application Server 7. This release of Red...

10CVSS7.5AI score0.10458EPSS
Exploits0References57
RedHat Linux
RedHat Linux
added 2019/05/09 6:14 p.m.142 views

Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.3.1 security update

A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

10CVSS6.9AI score0.10458EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2019/05/08 12:12 p.m.132 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.1 on RHEL 7 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

10CVSS6.9AI score0.10458EPSS
Exploits0References48
Rows per page
Query Builder