Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2021/08/22 1:11 p.m.51 views

CVE-2019-12384

A flaw was discovered in FasterXML jackson-databind in versions prior to 2.9.9. The vulnerability would permit polymorphic deserialization of malicious objects using the logback-core gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when...

8.1CVSS1AI score0.45205EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2019/10/31 7:9 p.m.4 views

jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution

A flaw was discovered in FasterXML jackson-databind in versions prior to 2.9.9. The vulnerability would permit polymorphic deserialization of malicious objects using the logback-core gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when...

5.9CVSS7.8AI score0.45205EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2019/10/10 9:54 a.m.6 views

jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution

A flaw was discovered in FasterXML jackson-databind in versions prior to 2.9.9. The vulnerability would permit polymorphic deserialization of malicious objects using the logback-core gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when...

5.9CVSS7.8AI score0.45205EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2019/10/01 7:10 a.m.5 views

jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution

A flaw was discovered in FasterXML jackson-databind in versions prior to 2.9.9. The vulnerability would permit polymorphic deserialization of malicious objects using the logback-core gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when...

5.9CVSS7.8AI score0.45205EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2019/09/12 12:28 p.m.5 views

jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution

A flaw was discovered in FasterXML jackson-databind in versions prior to 2.9.9. The vulnerability would permit polymorphic deserialization of malicious objects using the logback-core gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when...

5.9CVSS7.8AI score0.45205EPSS
Exploits2References4
Rows per page
Query Builder