7 matches found
EUVD-2021-2570
Malware in sbrugna...
SUSE CVE-2020-24750
FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration...
Unsafe Deserialization in jackson-databind
FasterXML jackson-databind 2.x before 2.6.7.5 and from 2.7.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration...
The vulnerability in the function of com.pastdev.httpcomponents.configuration.JndiConfiguration, a library from the Jackson-databind project of the FasterXML project, allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability in the com.pastdev.httpcomponents.configuration.JndiConfiguration class of the Jackson-databind library in the FasterXML project involves the restoration of unreliable data in memory. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality,...
CVE-2020-24750
FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration...
CVE-2020-24750
FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration...
Design/Logic Flaw
FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration...