Lucene search
K

50 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2018-14720

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity XXE attacks by leveraging failure to block unspecified JDK...

9.8CVSS8AI score0.07524EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-35728

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

8.1CVSS7.4AI score0.12504EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:5 a.m.4 views

SUSE CVE-2019-20330

FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking...

8.1CVSS7AI score0.0864EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2022/05/14 11:39 a.m.47 views

CVE-2020-9547

A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8CVSS2.3AI score0.18671EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2022/05/14 11:38 a.m.108 views

CVE-2020-10968

A flaw was found in jackson-databind 2.x prior to version 2.9.10.4. The interaction between serialization gadgets and typing is mishandled in the bus-proxy. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Mitigation The following...

8.8CVSS3.6AI score0.03538EPSS
Exploits0References3
NVD
NVD
added 2021/01/06 11:15 p.m.26 views

CVE-2020-36186

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource...

8.1CVSS8.7AI score0.05218EPSS
Exploits1References10
OSV
OSV
added 2021/01/06 11:15 p.m.24 views

CVE-2020-36189

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource...

8.1CVSS7.1AI score
Exploits0References10
OSV
OSV
added 2021/01/06 11:15 p.m.28 views

CVE-2020-36186

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource...

8.1CVSS7.1AI score
Exploits0References10
OSV
OSV
added 2021/01/06 11:15 p.m.24 views

CVE-2020-36187

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource...

8.1CVSS7.1AI score
Exploits0References10
UbuntuCve
UbuntuCve
added 2021/01/06 11:15 p.m.33 views

CVE-2020-36185

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource...

8.1CVSS6.9AI score0.05218EPSS
Exploits1References3
Prion
Prion
added 2021/01/06 11:15 p.m.19 views

Design/Logic Flaw

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource...

6.8CVSS8.6AI score0.05195EPSS
Exploits1References10Affected Software43
Vulnrichment
Vulnrichment
added 2021/01/06 10:30 p.m.23 views

CVE-2020-36182

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS...

6.7AI score0.05018EPSS
Exploits2References10
Debian CVE
Debian CVE
added 2021/01/06 10:30 p.m.26 views

CVE-2020-36183

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool...

8.1CVSS8.1AI score0.0489EPSS
Exploits1
Cvelist
Cvelist
added 2021/01/06 10:29 p.m.30 views

CVE-2020-36185

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource...

8.7AI score0.05218EPSS
Exploits1References10
Cvelist
Cvelist
added 2021/01/06 10:29 p.m.28 views

CVE-2020-36187

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource...

8.7AI score0.05195EPSS
Exploits1References10
OSV
OSV
added 2020/12/17 7:15 p.m.38 views

CVE-2020-35490

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource...

8.1CVSS6.6AI score
Exploits0References10
UbuntuCve
UbuntuCve
added 2020/12/17 7:15 p.m.31 views

CVE-2020-35491

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource...

8.1CVSS6.9AI score0.09477EPSS
Exploits1References4
Cvelist
Cvelist
added 2020/12/17 6:43 p.m.33 views

CVE-2020-35491

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource...

8.7AI score0.09477EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2020/09/24 10:17 a.m.41 views

CVE-2020-24750

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.6. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and system availability. Mitigation The following conditions are needed for an...

8.1CVSS2.9AI score0.07268EPSS
Exploits1References3
OSV
OSV
added 2020/09/17 7:15 p.m.35 views

CVE-2020-24750

FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration...

8.1CVSS6.5AI score
Exploits0References10
Rows per page
Query Builder