891 matches found

CNVD
added 2020/06/15 12:0 a.m. | 1 view

FasterXML jackson-databind code issue vulnerability (CNVD-2020-53535)

FasterXML Jackson is a Java data-processing tool from the U.S. company FasterXML. jackson-databind is one of its components and provides data binding. A security vulnerability exists in FasterXML jackson-databind 2.x versions prior to 2.9.10.5. No detailed vulnerability details are provided at...

CVSS 8.1 | AI score 8.6 | EPSS 0.09636
Exploits 0 | References 1

NVD
added 2020/06/14 9:15 p.m. | 18 views

CVE-2020-14060

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool aka apache/drill...

CVSS 8.1 | EPSS 0.08718
Exploits 0 | References 9

OSV
added 2020/06/14 9:15 p.m. | 23 views

CVE-2020-14060

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool aka apache/drill...

CVSS 8.1 | AI score 6.5
Exploits 0 | References 9

UbuntuCve
added 2020/06/14 9:15 p.m. | 36 views

CVE-2020-14060

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool aka apache/drill...

CVSS 8.1 | AI score 6.8 | EPSS 0.08718
Exploits 0 | References 4

Prion
added 2020/06/14 9:15 p.m. | 25 views

Design/Logic Flaw

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool aka apache/drill...

CVSS 6.8 | AI score 8.6 | EPSS 0.08718
Exploits 0 | References 9 | Affected Software 11

CVE
added 2020/06/14 8:46 p.m. | 429 views

CVE-2020-14060

CVE-2020-14060 affects FasterXML jackson-databind 2.x before 2.9.10.5. The root cause is mishandling of the interaction between serialization gadgets and typing (related to JNDIConnectionPool), which allows deserialization-based impact on confidentiality, integrity, and availability. The IBM X-Forc...

CVSS 8.1 | AI score 8.6 | EPSS 0.08718
Exploits 0 | References 9 | Affected Software 1

Cvelist
added 2020/06/14 8:46 p.m. | 33 views

CVE-2020-14060

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool aka apache/drill...

AI score 8.7 | EPSS 0.08718
Exploits 0 | References 9

Debian CVE
added 2020/06/14 8:46 p.m. | 32 views

CVE-2020-14060

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool aka apache/drill...

CVSS 8.1 | AI score 7.7 | EPSS 0.08718
Exploits 0

OSV
added 2020/06/14 8:15 p.m. | 20 views

CVE-2020-14062

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool aka xalan2...

CVSS 8.1 | AI score 6.5
Exploits 0 | References 9

NVD
added 2020/06/14 8:15 p.m. | 24 views

CVE-2020-14061

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and...

CVSS 8.1 | EPSS 0.0615
Exploits 0 | References 9

OSV
added 2020/06/14 8:15 p.m. | 25 views

CVE-2020-14061

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and...

CVSS 8.1 | AI score 6.5
Exploits 0 | References 9

NVD
added 2020/06/14 8:15 p.m. | 15 views

CVE-2020-14062

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool aka xalan2...

CVSS 8.1 | EPSS 0.09636
Exploits 0 | References 9

Prion
added 2020/06/14 8:15 p.m. | 25 views

Memory corruption

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and...

CVSS 6.8 | AI score 8.6 | EPSS 0.0615
Exploits 0 | References 9 | Affected Software 14

Prion
added 2020/06/14 8:15 p.m. | 26 views

Design/Logic Flaw

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool aka xalan2...

CVSS 6.8 | AI score 8.6 | EPSS 0.09636
Exploits 0 | References 9 | Affected Software 12

UbuntuCve
added 2020/06/14 8:15 p.m. | 31 views

CVE-2020-14062

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool aka xalan2...

CVSS 8.1 | AI score 6.8 | EPSS 0.09636
Exploits 0 | References 4

UbuntuCve
added 2020/06/14 8:15 p.m. | 24 views

CVE-2020-14061

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and...

CVSS 8.1 | AI score 6.8 | EPSS 0.0615
Exploits 0 | References 4

Cvelist
added 2020/06/14 7:42 p.m. | 18 views

CVE-2020-14061

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and...

AI score 8.7 | EPSS 0.0615
Exploits 0 | References 9

CVE
added 2020/06/14 7:42 p.m. | 460 views

CVE-2020-14061

CVE-2020-14061 concerns Jackson Databind 2.x before 2.9.10.5, where the interaction between deserialization gadgets and typing (including oracle.jms.AQjms* components) can be exploited. IBM and NVD references show a high-severity exposure (base scores up to 8.1–9.8) with network attack vector and partial to high...

CVSS 8.1 | AI score 8.5 | EPSS 0.0615
Exploits 0 | References 9 | Affected Software 1

CVE
added 2020/06/14 7:42 p.m. | 441 views

CVE-2020-14062

CVE-2020-14062 affects jackson-databind 2.x prior to 2.9.10.5, where interaction between serialization gadgets and typing (related to JNDIConnectionPool) can lead to deserialization abuse with high impact. IBM/X-Force entries consolidate this as a 9.8/3.0 vulnerability. In the connected IBM bulle...

CVSS 8.1 | AI score 8.6 | EPSS 0.09636
Exploits 0 | References 9 | Affected Software 1

Cvelist
added 2020/06/14 7:42 p.m. | 19 views

CVE-2020-14062

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool aka xalan2...

AI score 8.7 | EPSS 0.09636
Exploits 0 | References 9