891 matches found
CVE-2020-36182
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS...
Design/Logic Flaw
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool...
CVE-2020-36180
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS...
Design/Logic Flaw
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS...
Design/Logic Flaw
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS...
CVE-2020-36179
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS...
Design/Logic Flaw
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS...
Unspecified vulnerability in FasterXML jackson-databind (CNVD-2021-03342)
FasterXML jackson-databind is a generic data binding package for Jackson 2.x. FasterXML jackson-databind exists with the FasterXML jackson-databind suffers from a security vulnerability, no detailed vulnerability details are provided at this time...
Unspecified vulnerability in FasterXML jackson-databind
FasterXML jackson-databind is a generic data binding package for Jackson 2.x. A security vulnerability exists in FasterXML jackson-databind. No details of the vulnerability are provided at this time...
Unspecified vulnerability in FasterXML jackson-databind (CNVD-2021-03344)
FasterXML jackson-databind is a generic data binding package for Jackson 2.x. A security vulnerability exists in FasterXML jackson-databind. No details of the vulnerability are provided at this time...
Unspecified vulnerability in FasterXML jackson-databind (CNVD-2021-03349)
FasterXML jackson-databind is a generic data binding package for Jackson 2.x. FasterXML jackson-databind has a security vulnerability, and no detailed vulnerability details are provided at this time...
Vulnerabilities fixed in Jackson databind
A malicious party could potentially exploit the vulnerability to execute arbitrary code under a user's privileges. These vulnerabilities are only in the 2.9 versions of Jackson databind. If you are using version 2.10 or higher mitigation measures are already included in the software. Faster:XML h...
Unspecified vulnerability in FasterXML jackson-databind (CNVD-2021-03345)
FasterXML jackson-databind is a generic data binding package for Jackson 2.x. FasterXML jackson-databind has a security vulnerability, and no detailed vulnerability details are provided at this time...
Unspecified vulnerability in FasterXML jackson-databind (CNVD-2021-03343)
FasterXML jackson-databind is a generic data binding package for Jackson 2.x. A security vulnerability exists in FasterXML jackson-databind. No details of the vulnerability are provided at this time...
CVE-2020-36184
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource...
CVE-2020-36186
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource...
CVE-2020-36187
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource...
CVE-2020-36184
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource...
CVE-2020-36189
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource...
CVE-2020-36188
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource...