Linux Distros Unpatched Vulnerability : CVE-2018-11307

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltrati...

SUSE CVE-2018-11307

An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6...

GHSA-QR7J-H6GG-JMGC Deserialization of Untrusted Data in jackson-databind

An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6...

DEBIAN-CVE-2018-11307

An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6...

UBUNTU-CVE-2018-11307

An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6...

PT-2018-2773 · Fasterxml +3 · Jackson-Databind +3

Name of the Vulnerable Software and Affected Versions: FasterXML jackson-databind versions 2.0.0 through 2.9.5 Description: The issue is related to the shortcomings of the deserialization mechanism in the jackson-databind library. Exploitation of this issue may allow a remote attacker to impact t...

PT-2017-4061

Name of the Vulnerable Software and Affected Versions jackson-databind versions prior to 2.6.7.1 jackson-databind versions prior to 2.7.9.1 jackson-databind versions prior to 2.8.9 jackson-databind versions 2.0.0 through 2.9.5 Description A deserialization flaw in the jackson-databind library is...