Lucene search
K

37 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux - уязвимость в jackson-databind

FasterXML Jackson-Databind 2.x versions before 2.9.10.8 mishandle the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource...

8.1CVSS6.9AI score0.07694EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-35728

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

8.1CVSS7.4AI score0.12504EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-35491

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

8.1CVSS7.1AI score0.09477EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:0 a.m.2 views

SUSE CVE-2020-10969

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane...

8.8CVSS8.7AI score0.03473EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:58 a.m.4 views

SUSE CVE-2020-14060

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool aka apache/drill...

8.1CVSS8.7AI score0.08607EPSS
Exploits0References3
OSV
OSV
added 2021/12/09 7:16 p.m.0 views

GHSA-F9XH-2QGP-CQ57 Unsafe Deserialization in jackson-databind

FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource...

8.1CVSS7.1AI score0.10911EPSS
Exploits1References13
OSV
OSV
added 2021/12/09 7:16 p.m.1 views

GHSA-9M6F-7XCQ-8VF8 Unsafe Deserialization in jackson-databind

FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool...

8.1CVSS6.9AI score0.0489EPSS
Exploits1References13
OSV
OSV
added 2021/12/09 7:16 p.m.1 views

GHSA-8C4J-34R4-XR8G Unsafe Deserialization in jackson-databind

FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS...

8.1CVSS7.1AI score0.05041EPSS
Exploits2References13
OSV
OSV
added 2021/12/09 7:16 p.m.1 views

GHSA-8W26-6F25-CM9X Unsafe Deserialization in jackson-databind

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource...

8.1CVSS6.9AI score0.05218EPSS
Exploits1References13
OSV
OSV
added 2021/12/09 7:15 p.m.2 views

GHSA-89QR-369F-5M5X Unsafe Deserialization in jackson-databind

FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS...

8.1CVSS6.9AI score0.05018EPSS
Exploits2References13
OSV
OSV
added 2021/12/09 7:15 p.m.2 views

GHSA-QJW2-HR98-QGFH Unsafe Deserialization in jackson-databind

FasterXML jackson-databind 2.x before 2.6.7.5 and from 2.7.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration...

8.1CVSS7.1AI score0.07268EPSS
Exploits1References14
OSV
OSV
added 2021/03/05 11:2 a.m.6 views

OESA-2021-1051 jackson-databind security update

The general-purpose data-binding functionality and tree-model for Jackson Data Processor. It builds on core streaming parser/generator package, and uses Jackson Annotations for configuration. Security Fixes: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between...

8.8CVSS6.8AI score0.20929EPSS
Exploits11References12
Vulnrichment
Vulnrichment
added 2021/01/19 4:27 p.m.2 views

CVE-2021-20190

A flaw was found in jackson-databind before 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

6.9AI score0.07483EPSS
Exploits0References6
OSV
OSV
added 2021/01/07 12:15 a.m.6 views

DEBIAN-CVE-2020-36180

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS...

8.1CVSS7.5AI score0.05041EPSS
Exploits2References1
OSV
OSV
added 2021/01/06 11:15 p.m.2 views

DEBIAN-CVE-2020-36188

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource...

8.1CVSS8.1AI score0.10911EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2021/01/01 12:0 a.m.14 views

PT-2021-3160

Name of the Vulnerable Software and Affected Versions FasterXML jackson-databind versions 2.x before 2.9.10.8 FasterXML jackson-databind versions 2.6.7.5 and earlier Description The issue is related to the interaction between serialization gadgets and typing, specifically with...

9.3CVSS6.8AI score0.20929EPSS
Exploits3References46
Positive Technologies
Positive Technologies
added 2021/01/01 12:0 a.m.12 views

PT-2021-3161

Name of the Vulnerable Software and Affected Versions FasterXML jackson-databind versions 2.x before 2.9.10.8 FasterXML jackson-databind versions 2.6.7.5 and earlier Description The issue is related to the interaction between serialization gadgets and typing, specifically with the...

9.3CVSS6.8AI score0.05018EPSS
Exploits3References44
RedHat Linux
RedHat Linux
added 2020/09/17 1:7 p.m.2 views

jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.8CVSS7.1AI score0.02959EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/09/07 12:58 p.m.2 views

jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.8CVSS7.1AI score0.07963EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/09/07 12:57 p.m.3 views

jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.8CVSS7.1AI score0.07963EPSS
Exploits0References4
Rows per page
Query Builder