Lucene search
K

17 matches found

OSV
OSV
added 2026/06/12 11:53 a.m.9 views

ROOT-APP-MAVEN-CVE-2021-20190 CVE-2021-20190 in io.root.com.fasterxml.jackson.core:jackson-databind - Patched by Root

Root has patched CVE-2021-20190 in the io.root.com.fasterxml.jackson.core:jackson-databind package for Root:Maven. Multiple fixed versions available...

8.3CVSS7.9AI score0.07483EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/14 1:59 p.m.16 views

Security Bulletin: CVEs addressed in latest release of Cloudera Observability

Summary Common Vulnerabilities addressed by Cloudera Observability 3.6.2 Vulnerability Details CVEID:CVE-2021-20190 DESCRIPTION: A flaw was found in jackson-databind before 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this...

9.8CVSS8.9AI score0.21949EPSS
Exploits4Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.35 views

Mageia: Security Advisory (MGASA-2021-0153)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.45205EPSS
Exploits10References17
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.41 views

SUSE: Security Advisory (SUSE-SU-2021:0243-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS8AI score0.17611EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2021/05/06 1:38 p.m.100 views

Important: Red Hat Security Advisory: Openshift Logging Bug Fix Release (5.0.3)

Openshift Logging Bug Fix Release 5.0.3 This release includes a security update. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

10CVSS7.4AI score0.20929EPSS
Exploits15References5
RedHat Linux
RedHat Linux
added 2021/04/27 8:55 a.m.111 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.6.26 security and extras update

Red Hat OpenShift Container Platform release 4.6.26 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a...

10CVSS7.5AI score0.20929EPSS
Exploits15References28
Tenable Nessus
Tenable Nessus
added 2021/04/27 12:0 a.m.75 views

Debian DLA-2638-1 : jackson-databind security update

Multiple security vulnerabilities were found in Jackson Databind. CVE-2020-24616 FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource aka Anteros-DBCP. CVE-2020-24750 FasterXML...

8.8CVSS7AI score0.20929EPSS
Exploits16References20
OpenVAS
OpenVAS
added 2021/04/25 12:0 a.m.42 views

Debian: Security Advisory (DLA-2638-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.9AI score0.20929EPSS
Exploits16References4
Debian
Debian
added 2021/04/24 8:50 p.m.108 views

[SECURITY] [DLA 2638-1] jackson-databind security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2638-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta April 25, 2021 https://wiki.debian.org/LTS -...

8.8CVSS8.9AI score0.20929EPSS
Exploits16
IBM Security Bulletins
IBM Security Bulletins
added 2021/03/29 9:46 a.m.34 views

Security Bulletin: IBM Network Performance Insight 1.3.1 was affected by CVE-2021-20190 because using older jackson-databind

Summary IBM Network Performance Insight 1.3.1 was affected by CVE-2021-20190 because using older jackson-databind Vulnerability Details CVEID: CVE-2021-20190 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe...

8.3CVSS2.2AI score0.07483EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/09 9:58 a.m.52 views

Security Bulletin: Vulnerabilities in Node.js and FasterXML jackson-databind affect IBM Spectrum Protect Plus

Summary Multiple vulnerabilities in Node.js and FasterXML jackson-databind may affect IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2020-25649 DESCRIPTION: FasterXML Jackson Databind could provide weaker than expected security, caused by not having entity expansion secured properly....

8.8CVSS2AI score0.54164EPSS
Exploits13Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/02/04 12:0 a.m.43 views

openSUSE Security Update : jackson-databind (openSUSE-2021-221)

This update for jackson-databind fixes the following issues : jackson-databind was updated to 2.10.5.1 : - 2589: DOMDeserializer: setExpandEntityReferencesfalse may not prevent external entity expansion in all cases CVE-2020-25649, bsc1177616 - 2787 partial fix: NPE after add mixin for enum - 267...

8.3CVSS6.8AI score0.17611EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/01 9:49 p.m.28 views

Security Bulletin: jackson-databind vulnerability CVE-2021-20190 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0

Summary Jackson-databind vulnerability CVE-2021-20190 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0.0. The fix for this vulnerability was delivered in IBM Aspera High-Speed Transfer Server V4.0.0 and IBM Aspera High-Speed Transfer...

8.3CVSS2.4AI score0.07483EPSS
Exploits0Affected Software1
Circl
Circl
added 2021/01/19 8:56 p.m.4 views

CVE-2021-20190

creationtimestamp| type| source ---|---|--- 2021-01-19 20:56:08+00:00| seen| https://t.me/cibsecurity/22290...

8.3CVSS8.2AI score0.07483EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2021/01/19 5:15 p.m.36 views

CVE-2021-20190

A flaw was found in jackson-databind before 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.3CVSS7AI score0.07483EPSS
Exploits0References4
CVE
CVE
added 2021/01/19 4:27 p.m.281 views

CVE-2021-20190

CVE-2021-20190 is a Jackson Databind deserialization vulnerability involving the interaction between serialization gadgets and typing, present in Jackson Databind up to 2.9.10.7. The IBM bulletin for Cloudera Observability confirms this CVE as part of a collection and notes a fix in Cloudera Obse...

8.3CVSS7.6AI score0.07483EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2021/01/18 9:15 a.m.38 views

CVE-2021-20190

A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Mitigation The following conditions are needed for an exploit, w...

8.3CVSS1.9AI score0.07483EPSS
Exploits0References4
Rows per page
Query Builder