Lucene search
+L

24 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/11/14 1:59 p.m.18 views

Security Bulletin: CVEs addressed in latest release of Cloudera Observability

Summary Common Vulnerabilities addressed by Cloudera Observability 3.6.2 Vulnerability Details CVEID:CVE-2021-20190 DESCRIPTION: A flaw was found in jackson-databind before 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this...

9.8CVSS8.9AI score0.21949EPSS
Exploits4Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2020-11620

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to...

8.1CVSS7.9AI score0.0564EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/01/23 12:0 a.m.33 views

RHEL 7 : rh-maven35-jackson-databind (RHSA-2020:2320)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2320 advisory. The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API...

8.1CVSS8.2AI score0.0564EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.35 views

Mageia: Security Advisory (MGASA-2021-0153)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.45205EPSS
Exploits10References17
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/22 5:30 a.m.60 views

Security Bulletin: Series of vulnerabilities in FasterXML jackson-databind affect Apache Solr shipped with IBM Operations Analytics - Log Analysis

Summary There are series of Deserialization of Untrusted Data vulnerabilities and Input Validation vulnerability in various versions of FasterXML jackson-databind that affect Apache Solr. The vulnerabilities are in Vulnerability Details section. Vulnerability Details CVEID: CVE-2020-11620...

9.8CVSS2AI score0.26587EPSS
Exploits5Affected Software1
Ubuntu
Ubuntu
added 2021/03/15 9:47 p.m.84 views

USN-4813-1: Jackson Databind vulnerabilities

It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could possibly use this issue to obtain sensitive information. CVE-2018-11307, CVE-2019-12086, CVE-2019-12814 It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could...

10CVSS7.4AI score0.45205EPSS
Exploits10
RedHat Linux
RedHat Linux
added 2020/12/17 4:40 p.m.145 views

Moderate: Red Hat Security Advisory: Red Hat Single Sign-On 7.4.0 security update

A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS6.7AI score0.06278EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2020/09/17 1:7 p.m.96 views

Important: Red Hat Security Advisory: Red Hat Data Grid 7.3.7 security update

An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

9.8CVSS7.3AI score0.26587EPSS
Exploits5References27
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/31 1:37 p.m.52 views

Security Bulletin: Vulnerabilities in Faster-XML jackson-databind affect IBM Operations Analytics Predictive Insights

Summary Faster-XML Jackson-databind is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVEs. Note that the usage of Jackson Databind within IBM Operations Analytics Predictive Insights is limited to the REST Mediation...

8.8CVSS2.2AI score0.08028EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/31 1:36 p.m.41 views

Security Bulletin: Vulnerabilities in Faster-XML jackson-databind affect IBM Operations Analytics Predictive Insights

Summary Faster-XML Jackson-databind excludes most polymorphic typing gadget attacks Publicly disclosed vulnerability is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVEs. Note that the usage of Jackson-databind...

8.8CVSS2.4AI score0.08028EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2020/07/29 6:21 a.m.98 views

Important: Red Hat Security Advisory: Red Hat Process Automation Manager 7.8.0 Security Update

An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

9.8CVSS7.5AI score0.87806EPSS
Exploits11References35
RedHat Linux
RedHat Linux
added 2020/07/29 6:6 a.m.102 views

Important: Red Hat Security Advisory: Red Hat Decision Manager 7.8.0 Security Update

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...

9.8CVSS7.4AI score0.87806EPSS
Exploits10References34
RedHat Linux
RedHat Linux
added 2020/07/28 3:54 p.m.119 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.7.0 release and security update

A minor version update from 7.6 to 7.7 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

10CVSS7.2AI score0.58373EPSS
Exploits16References50
RedHat Linux
RedHat Linux
added 2020/05/26 3:50 p.m.76 views

Important: Red Hat Security Advisory: rh-maven35-jackson-databind security update

An update for rh-maven35-jackson-databind is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

8.1CVSS7.2AI score0.0564EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2020/04/23 8:19 p.m.5 views

ai.chronon:aggregator_2.11 (>=0.0.1 <=thread_contention-0.0.23-dev3), ai.chronon:aggregator_2.12 (>=0.0.6 <=thread_contention-0.0.23-dev3) +8879 more potentially affected by CVE-2020-11620 via com.fasterxml.jackson.core:jackson-databind (>=2.9.0 <=2.9.10.3)

com.fasterxml.jackson.core:jackson-databind MAVEN version =2.9.0, =0.0.1, =0.0.6, =0.0.1, =0.0.1, =thread-pool-0.0.24-dev, =local, =local, =0.0.6, =0.0.1, =threadcontention-0.0.23-dev3 - ai.genauth:genauth-java-sdk =3.1.11 - ai.ylyue:yue-library-auth-client =2.1.0 -...

8.1CVSS7.1AI score0.0564EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/04/20 12:0 a.m.58 views

Debian DLA-2179-1 : jackson-databind security update

Following CVEs were reported against the jackson-databind source package : CVE-2020-10968 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider aka bus-proxy. CVE-2020-10969...

8.8CVSS8AI score0.06278EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2020/04/18 12:0 a.m.31 views

Debian: Security Advisory (DLA-2179-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.7AI score0.06278EPSS
Exploits0References3
Debian
Debian
added 2020/04/17 11:51 p.m.72 views

[SECURITY] [DLA 2179-1] jackson-databind security update

Package : jackson-databind Version : 2.4.2-2+deb8u14 CVE ID : CVE-2020-10968 CVE-2020-10969 CVE-2020-11111 CVE-2020-11112 CVE-2020-11113 CVE-2020-11619 CVE-2020-11620 Following CVEs were reported against the jackson-databind source package : CVE-2020-10968 FasterXML jackson-databind 2.x before...

8.8CVSS9.1AI score0.06278EPSS
Exploits0
NVD
NVD
added 2020/04/07 11:15 p.m.24 views

CVE-2020-11620

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded aka commons-jelly...

8.1CVSS8.7AI score0.0564EPSS
Exploits0References8
Chainguard
Chainguard
added 2020/04/07 11:15 p.m.17 views

CVE-2020-11620 vulnerabilities

Vulnerabilities for packages: hive...

8.1CVSS9.6AI score0.0564EPSS
Exploits0
Rows per page
Query Builder