Lucene search
K

17 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.14 views

Astra Linux – Vulnerability in Jackson-Databind

A deserialization flaw was discovered in Jackson-Databind through version 2.9.10.4. This flaw could allow unauthenticated users to execute code via Ignite-JTA or Quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory, and...

8.1CVSS7.1AI score0.03301EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-6411

Malicious code in bioql PyPI...

8.1CVSS7.9AI score0.03301EPSS
Exploits1References15
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-10650

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A deserialization flaw was discovered in jackson-databind through 2.9.10.4. It could allow an unauthenticated user to perform code execution via ignite-jta or...

8.1CVSS7.7AI score0.03301EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:0 a.m.2 views

SUSE CVE-2020-10650

A deserialization flaw was discovered in jackson-databind through 2.9.10.4. It could allow an unauthenticated user to perform code execution via ignite-jta or quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory, and...

8.1CVSS9.1AI score0.03301EPSS
Exploits1References3
OSV
OSV
added 2022/12/26 8:15 p.m.2 views

DEBIAN-CVE-2020-10650

A deserialization flaw was discovered in jackson-databind through 2.9.10.4. It could allow an unauthenticated user to perform code execution via ignite-jta or quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory, and...

8.1CVSS8.2AI score0.03301EPSS
Exploits1References1
NVD
NVD
added 2022/12/26 8:15 p.m.15 views

CVE-2020-10650

A deserialization flaw was discovered in jackson-databind through 2.9.10.4. It could allow an unauthenticated user to perform code execution via ignite-jta or quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory, and...

8.1CVSS0.03301EPSS
Exploits1References8
OSV
OSV
added 2022/12/26 8:15 p.m.22 views

CVE-2020-10650

A deserialization flaw was discovered in jackson-databind through 2.9.10.4. It could allow an unauthenticated user to perform code execution via ignite-jta or quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory, and...

8.1CVSS9.7AI score
Exploits0References8
Prion
Prion
added 2022/12/26 8:15 p.m.21 views

Deserialization of untrusted data

A deserialization flaw was discovered in jackson-databind through 2.9.10.4. It could allow an unauthenticated user to perform code execution via ignite-jta or quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory, and...

5.1CVSS8.9AI score0.03301EPSS
Exploits1References8Affected Software3
UbuntuCve
UbuntuCve
added 2022/12/26 8:15 p.m.35 views

CVE-2020-10650

A deserialization flaw was discovered in jackson-databind through 2.9.10.4. It could allow an unauthenticated user to perform code execution via ignite-jta or quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory, and...

8.1CVSS7.3AI score0.03301EPSS
Exploits1References7
OSV
OSV
added 2022/12/26 8:15 p.m.4 views

UBUNTU-CVE-2020-10650

A deserialization flaw was discovered in jackson-databind through 2.9.10.4. It could allow an unauthenticated user to perform code execution via ignite-jta or quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory, and...

8.1CVSS7.4AI score0.03301EPSS
Exploits1References8
Debian CVE
Debian CVE
added 2022/12/26 12:0 a.m.26 views

CVE-2020-10650

A deserialization flaw was discovered in jackson-databind through 2.9.10.4. It could allow an unauthenticated user to perform code execution via ignite-jta or quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory, and...

8.1CVSS8.5AI score0.03301EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2022/12/26 12:0 a.m.7 views

CVE-2020-10650

A deserialization flaw was discovered in jackson-databind through 2.9.10.4. It could allow an unauthenticated user to perform code execution via ignite-jta or quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory, and...

8.3AI score0.03301EPSS
Exploits1References8
Cvelist
Cvelist
added 2022/12/26 12:0 a.m.31 views

CVE-2020-10650

A deserialization flaw was discovered in jackson-databind through 2.9.10.4. It could allow an unauthenticated user to perform code execution via ignite-jta or quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory, and...

9.1AI score0.03301EPSS
Exploits1References8
Veracode
Veracode
added 2022/07/18 9:6 a.m.25 views

Deserialization Of Untrusted Data

Jackson Databind is vulnerable to deserialization of untrusted data. The vulnerability exists in Set function in SubTypeValidator.java when handling interactions related to class ignite-jta which allows an attacker to inject and execute malicious codes...

8.1CVSS8.7AI score0.03301EPSS
Exploits1References10Affected Software1
Github Security Blog
Github Security Blog
added 2022/07/15 7:41 p.m.47 views

jackson-databind vulnerable to unsafe deserialization

The com.fasterxml.jackson.core:jackson-databind library before version 2.9.10.4 is vulnerable to an Unsafe Deserialization vulnerability when handling interactions related to the class ignite-jta...

8.1CVSS7.8AI score0.03301EPSS
Exploits1References11Affected Software1
OSV
OSV
added 2022/07/15 7:41 p.m.4 views

GHSA-RPR3-CW39-3PXH jackson-databind vulnerable to unsafe deserialization

The com.fasterxml.jackson.core:jackson-databind library before version 2.9.10.4 is vulnerable to an Unsafe Deserialization vulnerability when handling interactions related to the class ignite-jta...

8.1CVSS6.9AI score0.03301EPSS
Exploits1References11
BDU FSTEC
BDU FSTEC
added 2021/02/16 12:0 a.m.5 views

The vulnerability of the ignite-jta class in the Jackson-databind library of the FasterXML project allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ignite-jta class in the Jackson-databind library of the FasterXML project is related to the restoration of unreliable data in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

9.3CVSS7.1AI score0.03301EPSS
Exploits1References7Affected Software27
Rows per page
Query Builder