Lucene search
K

6 matches found

VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.4 views

VulnCheck KEV: CVE-2020-9547

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig aka ibatis-sqlmap...

9.8CVSS7.2AI score0.18671EPSS
In wildExploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:0 a.m.4 views

SUSE CVE-2020-9547

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig aka ibatis-sqlmap...

9.8CVSS8AI score0.18671EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/07/31 12:0 a.m.4 views

Vulnerability of the com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig component. Java libraries for JSON file parsing, such as jackson-databind, which allow attackers to cause service failures.

The vulnerability of the com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig component is related to memory restoration of unreliable data during JSON file parsing by Java libraries. Exploiting this vulnerability may allow an attacker to cause service failures remotely...

9.8CVSS7.4AI score0.18671EPSS
Exploits0References23Affected Software37
OSV
OSV
added 2020/05/15 6:59 p.m.1 views

GHSA-Q93H-JC49-78GG jackson-databind mishandles the interaction between serialization gadgets and typing

FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig aka ibatis-sqlmap...

9.8CVSS7.1AI score0.18671EPSS
Exploits0References26
CNVD
CNVD
added 2020/03/03 12:0 a.m.1 views

Command Execution Vulnerability in Fastjson JtaTransactionConfig

fastJson is a json serialization tool produced by Alibaba . Fastjson JtaTransactionConfig has a command execution vulnerability that can be exploited by a remote attacker to construct attack code that triggers a remote code execution vulnerability and gain control of the server...

8.4AI score
Exploits0
OSV
OSV
added 2020/03/02 4:15 a.m.1 views

UBUNTU-CVE-2020-9547

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig aka ibatis-sqlmap...

9.8CVSS7.2AI score0.18671EPSS
Exploits0References5
Rows per page
Query Builder