Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2021/12/09 7:16 p.m.55 views

Unsafe Deserialization in jackson-databind

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource...

8.8CVSS8.6AI score0.10379EPSS
Exploits1References13Affected Software1
NVD
NVD
added 2021/01/06 11:15 p.m.28 views

CVE-2020-36184

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource...

8.8CVSS8.7AI score0.10379EPSS
Exploits1References10
Prion
Prion
added 2021/01/06 11:15 p.m.26 views

Design/Logic Flaw

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource...

6.8CVSS8.6AI score0.10379EPSS
Exploits1References10Affected Software43
Vulnrichment
Vulnrichment
added 2021/01/06 10:30 p.m.23 views

CVE-2020-36184

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource...

6.7AI score0.10379EPSS
Exploits1References10
Cvelist
Cvelist
added 2021/01/06 10:30 p.m.31 views

CVE-2020-36184

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource...

8.7AI score0.10379EPSS
Exploits1References10
Rows per page
Query Builder