Astra Linux - уязвимость в jackson-databind

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource...

Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017518)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017518 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017572)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017572 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

Linux Distros Unpatched Vulnerability : CVE-2020-35490

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

GHSA-V585-23HC-C647 Unsafe Deserialization in jackson-databind

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource...

The vulnerability of the org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource component in the Jackson-databind library of the FasterXML project allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource component in the Jackson-databind library of the FasterXML project is related to the restoration of unreliable data in memory. Exploiting this vulnerability may allow an attacker to compromise the...

OESA-2021-1014 jackson-databind security update

The general-purpose data-binding functionality and tree-model for Jackson Data Processor. It builds on core streaming parser/generator package, and uses Jackson Annotations for configuration.\r\n\r\n Security Fixes:\r\n\r\n FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction...

DEBIAN-CVE-2020-36186

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource...

DEBIAN-CVE-2020-36184

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource...

PT-2021-3163 · Fasterxml +3 · Jackson-Databind +3

Name of the Vulnerable Software and Affected Versions: FasterXML jackson-databind versions 2.x before 2.9.10.8 Description: The issue is related to the interaction between serialization gadgets and typing in the FasterXML jackson-databind library, specifically with the...

FasterXML jackson-databind Code Issue Vulnerability

FasterXML jackson-databind is a JAVA based library that can convert data formats such as XML and JSON to JAVA objects. jackson-databind can easily convert Java objects to json objects and xml documents, and likewise convert json, xml to Java objects. A code issue vulnerability exists in FasterXML...

The vulnerability of the SharedPoolDataSource and PerUserPoolDataSource components of the Jackson-databind library in the FasterXML project allows a malicious actor to gain unauthorized access to information or cause service failures.

The vulnerability of the SharedPoolDataSource and PerUserPoolDataSource components of the Jackson-databind library in the FasterXML project is related to a lack of mechanisms for verifying input data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to information...

DEBIAN-CVE-2019-16942

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint and the service has the commons-dbcp 1.4 jar in the classpath, and an attacker can find a...

UBUNTU-CVE-2019-16942

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint and the service has the commons-dbcp 1.4 jar in the classpath, and an attacker can find a...