Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-0370

Malware in sbrugna...

8.8CVSS8.5AI score0.03473EPSS
Exploits0References28
Github Security Blog
Github Security Blog
added 2020/04/23 9:36 p.m.89 views

jackson-databind mishandles the interaction between serialization gadgets and typing

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane...

8.8CVSS3.2AI score0.03473EPSS
Exploits0References11Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/04/20 12:0 a.m.58 views

Debian DLA-2179-1 : jackson-databind security update

Following CVEs were reported against the jackson-databind source package : CVE-2020-10968 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider aka bus-proxy. CVE-2020-10969...

8.8CVSS8AI score0.06278EPSS
Exploits0References9
Veracode
Veracode
added 2020/03/27 2:14 a.m.42 views

Deserialization Of Untrusted Object

jackson-databind is vulnerable to deserialization of untrusted data. It was possible for an untrusted class, javax.swing.JEditorPane to be used as a serialization gadget through polymorphic typing, potentially allowing execution of arbitrary code...

8.8CVSS5.5AI score0.03473EPSS
Exploits0References10Affected Software246
NVD
NVD
added 2020/03/26 1:15 p.m.22 views

CVE-2020-10969

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane...

8.8CVSS9AI score0.03473EPSS
Exploits0References8
OSV
OSV
added 2020/03/26 1:15 p.m.31 views

CVE-2020-10969

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane...

8.8CVSS6.5AI score
Exploits0References8
UbuntuCve
UbuntuCve
added 2020/03/26 1:15 p.m.29 views

CVE-2020-10969

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane...

8.8CVSS7.1AI score0.03473EPSS
Exploits0References4
Prion
Prion
added 2020/03/26 1:15 p.m.27 views

Design/Logic Flaw

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane...

6.8CVSS9AI score0.03473EPSS
Exploits0References8Affected Software30
CVE
CVE
added 2020/03/26 12:43 p.m.441 views

CVE-2020-10969

CVE-2020-10969 : Jackson Databind 2.x prior to 2.9.10.4 has a deserialization flaw caused by how serialization gadgets interact with typing (related to javax.swing.JEditorPane). This can enable deserialization of untrusted data with potential remote code execution. The issue is publicly documente...

8.8CVSS8.3AI score0.03473EPSS
Exploits0References8Affected Software1
Vulnrichment
Vulnrichment
added 2020/03/26 12:43 p.m.19 views

CVE-2020-10969

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane...

6.7AI score0.03473EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2020/03/26 12:43 p.m.33 views

CVE-2020-10969

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane...

8.8CVSS8.8AI score0.03473EPSS
Exploits0
Rows per page
Query Builder