Lucene search
K

8 matches found

Github Security Blog
Github Security Blog
added 2021/12/09 7:16 p.m.35 views

Unsafe Deserialization in jackson-databind

FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS...

8.8CVSS8.6AI score0.05018EPSS
Exploits2References13Affected Software1
OSV
OSV
added 2021/01/06 11:15 p.m.22 views

CVE-2020-36181

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS...

8.1CVSS7.1AI score
Exploits0References10
NVD
NVD
added 2021/01/06 11:15 p.m.18 views

CVE-2020-36181

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS...

8.8CVSS8.7AI score0.05018EPSS
Exploits2References10
Prion
Prion
added 2021/01/06 11:15 p.m.24 views

Design/Logic Flaw

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS...

6.8CVSS8.6AI score0.05018EPSS
Exploits2References10Affected Software43
UbuntuCve
UbuntuCve
added 2021/01/06 11:15 p.m.31 views

CVE-2020-36181

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS...

8.8CVSS6.9AI score0.05018EPSS
Exploits2References3
Cvelist
Cvelist
added 2021/01/06 10:29 p.m.28 views

CVE-2020-36181

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS...

8.7AI score0.05018EPSS
Exploits2References10
Vulnrichment
Vulnrichment
added 2021/01/06 10:29 p.m.26 views

CVE-2020-36181

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS...

6.7AI score0.05018EPSS
Exploits2References10
Debian CVE
Debian CVE
added 2021/01/06 10:29 p.m.24 views

CVE-2020-36181

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS...

8.8CVSS8.1AI score0.05018EPSS
Exploits2
Rows per page
Query Builder