Lucene search
+L

18 matches found

circl
circl
added 2023/11/17 3:29 a.m.5 views

CVE-2020-35728

creationtimestamp| type| source ---|---|--- 2023-11-17 03:29:20+00:00| seen| https://t.me/arpsyndicate/190 2024-11-14 06:07:28+00:00| seen| MISP/337e569a-66d0-4110-a75e-434df9e9581c...

8.1CVSS8.2AI score0.12504EPSS
Exploits0References1
ibm
ibm
added 2022/02/07 5:33 p.m.28 views

Security Bulletin: IBM Cloud Private is vulnerable to FasterXML jackson-databind vulnerabilities (CVE-2020-35728)

Summary IBM Cloud Private is vulnerable to FasterXML jackson-databind vulnerabilities Vulnerability Details CVEID: CVE-2020-35728 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization between gadgets and...

8.1CVSS9.2AI score0.12504EPSS
Exploits0Affected Software1
openvas
openvas
added 2022/01/28 12:0 a.m.35 views

Mageia: Security Advisory (MGASA-2021-0153)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.45205EPSS
Exploits10References17
openvas
openvas
added 2021/06/09 12:0 a.m.41 views

SUSE: Security Advisory (SUSE-SU-2021:0243-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS8AI score0.17611EPSS
Exploits0References2
redhat
redhat
added 2021/05/06 1:38 p.m.101 views

Important: Red Hat Security Advisory: Openshift Logging Bug Fix Release (5.0.3)

Openshift Logging Bug Fix Release 5.0.3 This release includes a security update. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

10CVSS7.4AI score0.20929EPSS
Exploits15References5
redhat
redhat
added 2021/04/27 8:55 a.m.112 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.6.26 security and extras update

Red Hat OpenShift Container Platform release 4.6.26 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a...

10CVSS7.5AI score0.20929EPSS
Exploits15References28
nessus
nessus
added 2021/04/27 12:0 a.m.75 views

Debian DLA-2638-1 : jackson-databind security update

Multiple security vulnerabilities were found in Jackson Databind. CVE-2020-24616 FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource aka Anteros-DBCP. CVE-2020-24750 FasterXML...

8.8CVSS7AI score0.20929EPSS
Exploits16References20
openvas
openvas
added 2021/04/25 12:0 a.m.42 views

Debian: Security Advisory (DLA-2638-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.9AI score0.20929EPSS
Exploits16References4
debian
debian
added 2021/04/24 8:50 p.m.108 views

[SECURITY] [DLA 2638-1] jackson-databind security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2638-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta April 25, 2021 https://wiki.debian.org/LTS -...

8.8CVSS8.9AI score0.20929EPSS
Exploits16
ibm
ibm
added 2021/04/06 9:53 a.m.37 views

Security Bulletin: Network Performance Insight 1.3.1 was affected by jackson-databind vulnerability (CVE-2020-35728)

Summary Network Performance Insight 1.3.1 was affected by jackson-databind vulnerability CVE-2020-35728 Vulnerability Details CVEID: CVE-2020-35728 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization...

8.1CVSS2.4AI score0.12504EPSS
Exploits0Affected Software1
ibm
ibm
added 2021/03/03 8:2 a.m.31 views

Security Bulletin: jackson-databind vulnerability CVE-2020-35728 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0

Summary Jackson-databind vulnerability CVE-2020-35728 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to 4.0.0. The fix for this set of vulnerabilities was delivered in IBM Aspera High-Speed Transfer Server V4.0.0 and IBM Aspera High-Speed...

8.1CVSS2.4AI score0.12504EPSS
Exploits0Affected Software1
ibm
ibm
added 2021/02/27 3:41 a.m.26 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in FasterXML jackson-databind

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of FasterXML jackson-databind. Vulnerability Details CVEID: CVE-2020-35728 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe...

8.1CVSS1.8AI score0.17611EPSS
Exploits0Affected Software1
nessus
nessus
added 2021/02/04 12:0 a.m.43 views

openSUSE Security Update : jackson-databind (openSUSE-2021-221)

This update for jackson-databind fixes the following issues : jackson-databind was updated to 2.10.5.1 : - 2589: DOMDeserializer: setExpandEntityReferencesfalse may not prevent external entity expansion in all cases CVE-2020-25649, bsc1177616 - 2787 partial fix: NPE after add mixin for enum - 267...

8.3CVSS6.8AI score0.17611EPSS
Exploits0References6
osv
osv
added 2020/12/27 5:15 a.m.3 views

DEBIAN-CVE-2020-35728

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl...

8.1CVSS8.1AI score0.12504EPSS
Exploits0References1
osv
osv
added 2020/12/27 5:15 a.m.4 views

UBUNTU-CVE-2020-35728

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl...

8.1CVSS7.2AI score0.12504EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2020/12/27 4:32 a.m.4 views

CVE-2020-35728

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl...

7.1AI score0.12504EPSS
Exploits0References10
cve
cve
added 2020/12/27 4:32 a.m.310 views

CVE-2020-35728

CVE-2020-35728 affects FasterXML jackson-databind 2.x prior to 2.9.10.8, where improper interaction between serialization gadgets and typing (related to embedded Xalan/JNDIConnectionPool) is described. The IBM bulletin (CVE list) confirms this vulnerability and its description, but does not provi...

8.1CVSS7.7AI score0.12504EPSS
Exploits0References10Affected Software1
debiancve
debiancve
added 2020/12/27 4:32 a.m.46 views

CVE-2020-35728

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl...

8.1CVSS8.6AI score0.12504EPSS
Exploits0
Rows per page
Query Builder