Lucene search
+L

10 matches found

vulnersosv
vulnersosv
added 2021/12/09 7:16 p.m.5 views

ai.agnos:reactive-sparql_2.12 (>=0.3.0 <=0.3.1), ai.chronon:aggregator_2.11 (>=0.0.1 <=thread_contention-0.0.23-dev3) +25285 more potentially affected by CVE-2020-36189 via com.fasterxml.jackson.core:jackson-databind (>=2.7.0 <=2.9.10.7)

com.fasterxml.jackson.core:jackson-databind MAVEN version =2.7.0, =0.3.0, =0.0.1, =0.0.6, =0.0.1, =0.0.1, =thread-pool-0.0.24-dev, =local, =local, =0.0.6, =0.0.1, =0.42.1, =0.42.1, =0.40.2, =0.42.1, =0.80.6 and more Source cves: CVE-2020-36189 Source advisory: OSV:GHSA-VFQX-33QM-G869...

8.1CVSS7.1AI score0.04912EPSS
Exploits1
nessus
nessus
added 2021/07/22 12:0 a.m.50 views

Oracle Primavera Gateway (Jul 2021 CPU)

The 17.12.11, 18.8.11, 19.12.10, and 20.12.0 versions of Primavera Gateway installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2021 CPU advisory. - Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering component: Admin...

9.8CVSS6.9AI score0.17611EPSS
Exploits3References8
redhat
redhat
added 2021/05/06 1:38 p.m.101 views

Important: Red Hat Security Advisory: Openshift Logging Bug Fix Release (5.0.3)

Openshift Logging Bug Fix Release 5.0.3 This release includes a security update. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

10CVSS7.4AI score0.20929EPSS
Exploits15References5
redhat
redhat
added 2021/04/27 8:55 a.m.112 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.6.26 security and extras update

Red Hat OpenShift Container Platform release 4.6.26 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a...

10CVSS7.5AI score0.20929EPSS
Exploits15References28
nessus
nessus
added 2021/04/27 12:0 a.m.75 views

Debian DLA-2638-1 : jackson-databind security update

Multiple security vulnerabilities were found in Jackson Databind. CVE-2020-24616 FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource aka Anteros-DBCP. CVE-2020-24750 FasterXML...

8.8CVSS7AI score0.20929EPSS
Exploits16References20
ibm
ibm
added 2021/02/01 9:53 p.m.48 views

Security Bulletin: jackson-databind vulnerabilities CVE-2020-36185/36181/36189/36188/36184/36180 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0

Summary Jackson-databind vulnerabilities CVE-2020-36185, CVE-2020-36181, CVE-2020-36189, CVE-2020-36188, CVE-2020-36184, CVE-2020-36180, CVE-2020-36183, CVE-2020-36179, CVE-2020-36187, CVE-2020-36186, CVE-2020-36182 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer...

8.8CVSS1.8AI score0.20929EPSS
Exploits12Affected Software1
nvd
nvd
added 2021/01/06 11:15 p.m.23 views

CVE-2020-36189

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource...

8.1CVSS8.7AI score0.04912EPSS
Exploits1References10
osv
osv
added 2021/01/06 11:15 p.m.27 views

CVE-2020-36189

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource...

8.1CVSS7.1AI score
Exploits0References10
osv
osv
added 2021/01/06 11:15 p.m.5 views

UBUNTU-CVE-2020-36189

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource...

8.1CVSS7.2AI score0.04912EPSS
Exploits1References4
cve
cve
added 2021/01/06 10:29 p.m.292 views

CVE-2020-36189

CVE-2020-36189 affects FasterXML jackson-databind 2.x before 2.9.10.8. The issue is a deserialization/serialization typing interaction with gadgets (e.g., logback, MySQL/commons proxies) that can lead to arbitrary code execution, data exfiltration or integrity/availability impacts as described in...

8.1CVSS7.7AI score0.04912EPSS
Exploits1References10Affected Software1
Rows per page
Query Builder