Lucene search
K

15 matches found

UbuntuCve
UbuntuCve
added 2021/01/19 5:15 p.m.34 views

CVE-2021-20190

A flaw was found in jackson-databind before 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.3CVSS7AI score0.07483EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2021/01/07 12:15 a.m.29 views

CVE-2020-36179

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS...

8.8CVSS6.9AI score0.20929EPSS
Exploits2References3
OSV
OSV
added 2021/01/06 11:15 p.m.27 views

CVE-2020-36185

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource...

8.1CVSS7.1AI score
Exploits0References10
Debian CVE
Debian CVE
added 2021/01/06 10:30 p.m.32 views

CVE-2020-36182

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS...

8.8CVSS8.1AI score0.05018EPSS
Exploits2
Cvelist
Cvelist
added 2021/01/06 10:30 p.m.30 views

CVE-2020-36184

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource...

8.7AI score0.10379EPSS
Exploits1References10
Debian CVE
Debian CVE
added 2020/12/17 6:43 p.m.30 views

CVE-2020-35491

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource...

8.1CVSS8.1AI score0.09477EPSS
Exploits1
Cvelist
Cvelist
added 2020/06/16 3:7 p.m.30 views

CVE-2020-14195

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory aka org.jsecurity...

8.7AI score0.04511EPSS
Exploits0References8
OSV
OSV
added 2020/06/14 9:15 p.m.25 views

CVE-2020-14060

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool aka apache/drill...

8.1CVSS6.5AI score
Exploits0References9
UbuntuCve
UbuntuCve
added 2020/06/14 9:15 p.m.37 views

CVE-2020-14060

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool aka apache/drill...

8.1CVSS6.8AI score0.08607EPSS
Exploits0References4
Cvelist
Cvelist
added 2020/06/14 7:42 p.m.28 views

CVE-2020-14062

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool aka xalan2...

8.7AI score0.08072EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2020/04/23 8:19 p.m.67 views

jackson-databind mishandles the interaction between serialization gadgets and typing

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded aka commons-jelly...

8.1CVSS3.5AI score0.05594EPSS
Exploits0References12Affected Software1
Debian CVE
Debian CVE
added 2020/04/07 10:14 p.m.30 views

CVE-2020-11620

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded aka commons-jelly...

8.1CVSS8.7AI score0.05594EPSS
Exploits0
Debian CVE
Debian CVE
added 2020/04/07 10:14 p.m.25 views

CVE-2020-11619

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean aka spring-aop...

8.1CVSS8.7AI score0.03607EPSS
Exploits0
Debian CVE
Debian CVE
added 2020/03/31 4:37 a.m.31 views

CVE-2020-11112

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider aka apache/commons-proxy...

8.8CVSS8.7AI score0.03583EPSS
Exploits0
Debian CVE
Debian CVE
added 2020/03/31 4:37 a.m.33 views

CVE-2020-11113

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime aka openjpa...

8.8CVSS8.7AI score0.06278EPSS
Exploits0
Rows per page
Query Builder