Lucene search
K

28 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2019-17267

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to...

9.8CVSS7.1AI score0.04628EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.31 views

RHEL 8 : opendaylight (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jackson-databind: Serialization gadgets in classes of the ehcache package CVE-2019-17267 - A flaw was...

9.8CVSS8.9AI score0.17611EPSS
Exploits1References9
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.35 views

Mageia: Security Advisory (MGASA-2021-0153)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.45205EPSS
Exploits10References17
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/18 3:42 p.m.52 views

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring has patched several open source dependencies

Summary IBM Cloud Pak for Multicloud Management Monitoring has patched several open source dependencies that were inadvertently missed during previous scans. Vulnerability Details CVEID: CVE-2021-21409 DESCRIPTION: Netty is vulnerable to request smuggling, caused by improper validation of request...

9.8CVSS9.2AI score0.49727EPSS
Exploits21Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/06 2:34 p.m.44 views

Security Bulletin: Jackson-Databind Vulnerabilities Affect the B2B API of IBM Sterling B2B Integrator

Summary IBM Sterling B2B Integrator has integrated multiple security vulnerability fixes from Jackson Databind, please see list of CVEs for vulnerability details Vulnerability Details CVEID: CVE-2020-9547 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary...

9.8CVSS1.8AI score0.45205EPSS
Exploits26Affected Software1
Mageia
Mageia
added 2021/03/27 2:27 p.m.220 views

Updated jackson-databind packages fix security vulnerabilities

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint, the service has the mysql-connector-java jar 8.0.14 or earlier in the classpath, and an...

9.8CVSS1.3AI score0.45205EPSS
Exploits10References15
Ubuntu
Ubuntu
added 2021/03/15 9:47 p.m.83 views

USN-4813-1: Jackson Databind vulnerabilities

It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could possibly use this issue to obtain sensitive information. CVE-2018-11307, CVE-2019-12086, CVE-2019-12814 It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could...

10CVSS7.4AI score0.45205EPSS
Exploits10
RedHat Linux
RedHat Linux
added 2020/07/28 3:54 p.m.118 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.7.0 release and security update

A minor version update from 7.6 to 7.7 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

10CVSS7.2AI score0.58373EPSS
Exploits16References50
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 5:7 p.m.55 views

Security Bulletin: Multiple Security Vulnerabilities in Jackson-databind Affect IBM Sterling B2B Integrator

Summary IBM Sterling B2B Integrator has addressed multiple security vulnerabilities in jackson-databind Vulnerability Details CVEID: CVE-2019-17267 DESCRIPTION: FasterXML jackson-databind could provide weaker than expected security, caused by a polymorphic typing issue in the...

10CVSS1.4AI score0.12679EPSS
Exploits1Affected Software1
vulnersOsv
vulnersOsv
added 2020/06/15 6:44 p.m.4 views

ai.genauth:genauth-java-sdk (=3.1.11), am.ik.github:reactive-github-client (>=0.0.1 <=0.0.4) +3045 more potentially affected by CVE-2019-17267 via com.fasterxml.jackson.core:jackson-databind (>=2.9.0 <=2.9.1)

com.fasterxml.jackson.core:jackson-databind MAVEN version =2.9.0, =0.0.1, =0.1.0, =0.0.1, =0.2.0, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.2.0, =1.0.0, =1.0.11 and more Source cves: CVE-2019-17267 Source advisory: OSV:GHSA-F3J5-RMMP-3FC5...

9.8CVSS6.9AI score0.04628EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/05/28 3:58 p.m.311 views

Important: Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 19 security update

This is a security update for JBoss EAP Continuous Delivery 19. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

9.8CVSS7.3AI score0.28839EPSS
Exploits7References45
RedHat Linux
RedHat Linux
added 2020/05/26 4:9 p.m.76 views

Important: Red Hat Security Advisory: Red Hat Data Grid 7.3.6 security update

An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

9.8CVSS6.8AI score0.28839EPSS
Exploits6References16
RedhatCVE
RedhatCVE
added 2020/04/06 4:58 a.m.133 views

CVE-2019-17267

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup. Mitigation The following conditions are needed for an exploit, we recommend avoiding all if possible Deserialization from sources yo...

9.8CVSS2.6AI score0.04628EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2020/03/18 5:36 p.m.332 views

Important: Red Hat Security Advisory: Red Hat Decision Manager 7.7.0 Security Update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

9.8CVSS7AI score0.28839EPSS
Exploits2References14
RedHat Linux
RedHat Linux
added 2020/03/18 2:51 p.m.89 views

Moderate: Red Hat Security Advisory: Red Hat Process Automation Manager 7.7.0 Security Update

An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

9.8CVSS7.1AI score0.10763EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2020/01/22 12:0 a.m.55 views

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 7 (RHSA-2020:0160)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0160 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

9.8CVSS7.1AI score0.10763EPSS
Exploits2References49
Tenable Nessus
Tenable Nessus
added 2020/01/22 12:0 a.m.59 views

RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 6 (RHSA-2020:0159)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0159 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

9.8CVSS7.1AI score0.10763EPSS
Exploits2References49
Tenable Nessus
Tenable Nessus
added 2020/01/22 12:0 a.m.55 views

RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 8 (RHSA-2020:0161)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0161 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

9.8CVSS7.1AI score0.10763EPSS
Exploits2References47
RedHat Linux
RedHat Linux
added 2020/01/21 3:22 a.m.87 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 8 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

9.8CVSS7.1AI score0.10763EPSS
Exploits2References34
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/20 8:47 a.m.28 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in FasterXML jackson-databind

Summary IBM Watson Discovery for IBM Cloud Pak for Data ships with versions of FasterXML jackson-databind vulnerable to serialization gadgets. Vulnerability Details CVEID: CVE-2019-17267 DESCRIPTION: A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is...

9.8CVSS1.3AI score0.04628EPSS
Exploits0Affected Software1
Rows per page
Query Builder