Lucene search
+L

51 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/11/14 1:59 p.m.16 views

Security Bulletin: CVEs addressed in latest release of Cloudera Observability

Summary Common Vulnerabilities addressed by Cloudera Observability 3.6.2 Vulnerability Details CVEID:CVE-2021-20190 DESCRIPTION: A flaw was found in jackson-databind before 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this...

9.8CVSS8.9AI score0.21949EPSS
Exploits4Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.12 views

Alibaba Cloud Linux 3 : 0020: pki-core:10.6 (ALINUX3-SA-2021:0020)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0020 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-12086: A Polymorphic Typing issue...

9.8CVSS7.3AI score0.26587EPSS
Exploits9References17
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.57 views

Ubuntu 16.04 ESM : Jackson Databind vulnerabilities (USN-4813-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4813-1 advisory. It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could possibly use this issue to obtain sensitive information...

10CVSS7.8AI score0.45205EPSS
Exploits10References40
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.35 views

Mageia: Security Advisory (MGASA-2021-0153)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.45205EPSS
Exploits10References17
RedhatCVE
RedhatCVE
added 2021/07/18 12:13 a.m.53 views

CVE-2019-12086

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint, the service has the mysql-connector-java jar 8.0.14 or earlier in the classpath, and an...

7.5CVSS1.5AI score0.21949EPSS
Exploits2References3
Mageia
Mageia
added 2021/03/27 2:27 p.m.222 views

Updated jackson-databind packages fix security vulnerabilities

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint, the service has the mysql-connector-java jar 8.0.14 or earlier in the classpath, and an...

9.8CVSS1.3AI score0.45205EPSS
Exploits10References15
Ubuntu
Ubuntu
added 2021/03/15 9:47 p.m.83 views

USN-4813-1: Jackson Databind vulnerabilities

It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could possibly use this issue to obtain sensitive information. CVE-2018-11307, CVE-2019-12086, CVE-2019-12814 It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could...

10CVSS7.4AI score0.45205EPSS
Exploits10
Tenable Nessus
Tenable Nessus
added 2020/10/09 12:0 a.m.67 views

FreeBSD : Payara -- A Polymorphic Typing issue in FasterXML jackson-databind (bd159669-0808-11eb-a3a4-0019dbb15b3f)

Payara Releases reports : The following is a list of tracked Common Vulnerabilities and Exposures that have been reported and analyzed, which can or have impacted Payara Server across releases : - CVE-2019-12086 A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before...

7.5CVSS7.1AI score0.21949EPSS
Exploits2References3
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/24 10:3 a.m.91 views

Security Bulletin: Multiple Vulnerabilities in IBM Guardium Data Encryption (GDE)

Summary There are multiple vulnerabilities identified in IBM Guardium Data Encryption GDE .These vulnerabilities have been fixed in GDE 4.0.0.3. Please apply the latest version for the fixes. Vulnerability Details CVEID: CVE-2019-4697 DESCRIPTION: IBM Guardium Data Encryption GDE stores user...

10CVSS0.7AI score0.99652EPSS
Exploits23Affected Software1
RedHat Linux
RedHat Linux
added 2020/07/28 3:54 p.m.118 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.7.0 release and security update

A minor version update from 7.6 to 7.7 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

10CVSS7.2AI score0.58373EPSS
Exploits16References50
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/07 4:58 p.m.44 views

Security Bulletin: Multiple vulnerabilities in Open Source used in IBM Cloud Pak System

Summary Multiple vulnerabilities identified in Open Source used in IBM Cloud Pak System. IBM Cloud Pak System addressed vulnerabilities. Vulnerability Details CVEID: CVE-2018-11771 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by the failure to return the corre...

9.8CVSS1.4AI score0.96121EPSS
Exploits9Affected Software1
GithubExploit
GithubExploit
added 2020/05/22 5:10 p.m.110 views

Exploit for Deserialization of Untrusted Data in Fasterxml Jackson-Databind

Document Description CVE-2019-12086 Jackson Unserialization...

7.5CVSS6.7AI score0.21949EPSS
Exploits2
OpenVAS
OpenVAS
added 2020/01/09 12:0 a.m.60 views

Fedora Update for jackson-databind FEDORA-2019-99ff6aa32c

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.3AI score0.45205EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2020/01/09 12:0 a.m.278 views

Fedora Update for jackson-core FEDORA-2019-99ff6aa32c

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.3AI score0.45205EPSS
Exploits4References2
RedHat Linux
RedHat Linux
added 2019/10/24 9:18 a.m.125 views

Moderate: Red Hat Security Advisory: Red Hat AMQ Streams 1.3.0 release and security update

Red Hat AMQ Streams 1.3.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.8CVSS7.4AI score0.45205EPSS
Exploits5References13
Tenable Nessus
Tenable Nessus
added 2019/10/21 12:0 a.m.52 views

Oracle Primavera Unifier Multiple Vulnerabilities (Oct 2019 CPU)

According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote web server is 16.1.x or 16.2.x prior to 16.2.15.10, or 17.7.x through 17.12.x prior to 17.12.11.1, or 18.8.x prior to 18.8.13.0. It is, therefore, affected by multiple vulnerabilities: -...

9.8CVSS7.6AI score0.87218EPSS
Exploits9References6
RedHat Linux
RedHat Linux
added 2019/10/18 7:52 p.m.178 views

Important: Red Hat Security Advisory: OpenShift Container Platform logging-elasticsearch5-container security update

An update for logging-elasticsearch5-container is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

10CVSS7.5AI score0.49727EPSS
Exploits10References21
Tenable Nessus
Tenable Nessus
added 2019/10/18 12:0 a.m.54 views

Oracle Primavera Gateway Multiple Vulnerabilities (Oct 2019 CPU)

According to its self-reported version number, the Oracle Primavera Gateway installation running on the remote web server is 15.x prior to 15.2.17, 16.x prior to 16.2.10, 17.x prior to 17.12.5, or 18.x prior to 18.8.7. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file re...

9.8CVSS8.3AI score0.21949EPSS
Exploits5References5
Tenable Nessus
Tenable Nessus
added 2019/10/15 12:0 a.m.57 views

RHEL 8 : Red Hat Single Sign-On 7.3.4 security update on RHEL 8 (Important) (RHSA-2019:3046)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3046 advisory. Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...

9.8CVSS8.2AI score0.21949EPSS
Exploits2References16
Tenable Nessus
Tenable Nessus
added 2019/10/15 12:0 a.m.37 views

RHEL 6 : Red Hat Single Sign-On 7.3.4 security update on RHEL 6 (Important) (RHSA-2019:3044)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3044 advisory. Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...

9.8CVSS8.2AI score0.21949EPSS
Exploits2References16
Rows per page
Query Builder