Lucene search
K

11 matches found

RedHat Linux
RedHat Linux
added 2020/07/28 3:54 p.m.10 views

jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the p6spy gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS...

9.8CVSS7.4AI score0.04861EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/05/28 3:58 p.m.6 views

jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the p6spy gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS...

9.8CVSS7.4AI score0.04861EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/05/26 4:9 p.m.3 views

jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the p6spy gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS...

9.8CVSS7.4AI score0.04861EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/03/23 1:20 p.m.6 views

jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the p6spy gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS...

9.8CVSS7.4AI score0.04861EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/03/18 2:51 p.m.4 views

jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the p6spy gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS...

9.8CVSS7.4AI score0.04861EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/02/06 8:34 a.m.4 views

jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the p6spy gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS...

9.8CVSS7.4AI score0.04861EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/01/21 3:47 a.m.4 views

jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the p6spy gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS...

9.8CVSS7.4AI score0.04861EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/01/21 3:22 a.m.5 views

jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the p6spy gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS...

9.8CVSS7.4AI score0.04861EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/01/21 2:57 a.m.4 views

jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the p6spy gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS...

9.8CVSS7.4AI score0.04861EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/01/21 2:23 a.m.5 views

jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the p6spy gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS...

9.8CVSS7.4AI score0.04861EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/11/18 2:40 p.m.4 views

jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the p6spy gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or Id.MINIMALCLASS...

9.8CVSS7.4AI score0.04861EPSS
Exploits0References4
Rows per page
Query Builder