Lucene search
K

2943 matches found

Debian
Debian
added 2018/02/15 7:4 a.m.39 views

[SECURITY] [DSA 4114-1] jackson-databind security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4114-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 15, 2018 https://www.debian.org/security/faq -...

9.8CVSS9.5AI score0.49727EPSS
Exploits1
Debian
Debian
added 2018/02/15 7:4 a.m.47 views

[SECURITY] [DSA 4114-1] jackson-databind security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4114-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 15, 2018 https://www.debian.org/security/faq -...

7.5CVSS3AI score0.49727EPSS
Exploits1
OSV
OSV
added 2018/02/15 12:0 a.m.33 views

DSA-4114-1 jackson-databind - security update

Bulletin has no description...

9.8CVSS9AI score0.49727EPSS
Exploits1
OpenVAS
OpenVAS
added 2018/02/14 12:0 a.m.57 views

Debian: Security Advisory (DSA-4114-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.2AI score0.49727EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2018/02/12 5:19 p.m.5 views

jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper

A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper...

9.8CVSS7.6AI score0.37925EPSS
Exploits7References4
OpenVAS
OpenVAS
added 2018/02/08 12:0 a.m.52 views

Fedora Update for jackson-databind FEDORA-2018-bbf8c38b51

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.49727EPSS
Exploits7References2
OpenVAS
OpenVAS
added 2018/02/08 12:0 a.m.60 views

Fedora Update for jackson-databind FEDORA-2018-e4b025841e

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.49727EPSS
Exploits7References2
Fedora
Fedora
added 2018/02/07 1:18 p.m.66 views

[SECURITY] Fedora 27 Update: jackson-databind-2.7.6-8.fc27

General data-binding functionality for Jackson: works on core streaming API...

9.8CVSS2.2AI score0.49727EPSS
Exploits7
Fedora
Fedora
added 2018/02/07 1:0 p.m.50 views

[SECURITY] Fedora 26 Update: jackson-databind-2.7.6-8.fc26

General data-binding functionality for Jackson: works on core streaming API...

9.8CVSS2.2AI score0.49727EPSS
Exploits7
Prion
Prion
added 2018/02/06 3:29 p.m.36 views

Deserialization of untrusted data

A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw...

7.5CVSS9.1AI score0.37925EPSS
Exploits7References32Affected Software20
Prion
Prion
added 2018/02/06 3:29 p.m.42 views

Deserialization of untrusted data

A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper...

7.5CVSS9.1AI score0.37925EPSS
Exploits7References60Affected Software17
OSV
OSV
added 2018/02/06 3:29 p.m.12 views

UBUNTU-CVE-2017-7525

A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper...

9.8CVSS7.3AI score0.37925EPSS
Exploits7References3
OSV
OSV
added 2018/02/06 3:29 p.m.4 views

DEBIAN-CVE-2017-15095

A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw...

9.8CVSS9.6AI score0.08411EPSS
Exploits2References1
OSV
OSV
added 2018/02/06 3:29 p.m.1 views

UBUNTU-CVE-2017-15095

A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw...

9.8CVSS7.3AI score0.08411EPSS
Exploits2References10
OSV
OSV
added 2018/02/06 3:29 p.m.4 views

DEBIAN-CVE-2017-7525

A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper...

9.8CVSS8.1AI score0.37925EPSS
Exploits7References1
UbuntuCve
UbuntuCve
added 2018/02/06 3:29 p.m.59 views

CVE-2017-7525

A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper...

9.8CVSS7.3AI score0.37925EPSS
Exploits7References2
UbuntuCve
UbuntuCve
added 2018/02/06 3:29 p.m.52 views

CVE-2017-15095

A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw...

9.8CVSS7.2AI score0.08411EPSS
Exploits2References9
OSV
OSV
added 2018/02/06 3:29 p.m.40 views

CVE-2017-15095

A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw...

9.8CVSS9.9AI score
Exploits0References32
OSV
OSV
added 2018/02/06 3:29 p.m.39 views

CVE-2017-7525

A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper...

9.8CVSS10AI score
Exploits0References60
NVD
NVD
added 2018/02/06 3:29 p.m.31 views

CVE-2017-15095

A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw...

9.8CVSS9.2AI score0.08411EPSS
Exploits2References32
Rows per page
Query Builder