Lucene search
K

6 matches found

NVD
NVD
added 2021/01/06 11:15 p.m.29 views

CVE-2020-36186

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource...

8.1CVSS8.7AI score0.05218EPSS
Exploits1References10
OSV
OSV
added 2021/01/06 11:15 p.m.29 views

CVE-2020-36186

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource...

8.1CVSS7.1AI score
Exploits0References10
UbuntuCve
UbuntuCve
added 2021/01/06 11:15 p.m.25 views

CVE-2020-36186

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource...

8.1CVSS6.9AI score0.05218EPSS
Exploits1References3
CVE
CVE
added 2021/01/06 10:29 p.m.279 views

CVE-2020-36186

CVE-2020-36186 affects FasterXML jackson-databind 2.x up to before 2.9.10.8, where serialization gadgets and typing handling interact incorrectly in the presence of PerUserPoolDataSource (org.apache.tomcat.dbcp.dbcp.datasources). This deserialization-related flaw can impact confidentiality, integ...

8.1CVSS7.7AI score0.05218EPSS
Exploits1References10Affected Software1
Cvelist
Cvelist
added 2021/01/06 10:29 p.m.26 views

CVE-2020-36186

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource...

8.7AI score0.05218EPSS
Exploits1References10
Debian CVE
Debian CVE
added 2021/01/06 10:29 p.m.32 views

CVE-2020-36186

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource...

8.1CVSS8.1AI score0.05218EPSS
Exploits1
Rows per page
Query Builder