CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

29 matches found

AstraLinux•added 2026/06/19 11:10 a.m.•6 views

Astra Linux – Vulnerability in Jackson-Databind

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource...

8.8CVSS7.4AI score0.10379EPSS

Exploits1References2

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в jackson-databind

FasterXML Jackson-Databind 2.x versions before 2.9.10.8 mishandle the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource...

8.1CVSS6.9AI score0.07694EPSS

Exploits1References1

Tenable Nessus•added 2026/05/11 12:0 a.m.•11 views

Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017591)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017591 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

8.1CVSS6.9AI score0.05218EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•7 views

EUVD-2021-2550

Malware in sbrugna...

8.8CVSS7.8AI score0.10379EPSS

Exploits1References18

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-2393

Malware in sbrugna...

8.1CVSS7.8AI score0.05218EPSS

Exploits1References18

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2021-2603

Malware in sbrugna...

8.1CVSS7.8AI score0.07694EPSS

Exploits1References17

Tenable Nessus•added 2025/08/19 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2020-36186

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

8.1CVSS7.1AI score0.05218EPSS

Exploits1References2

SUSE CVE•added 2023/02/15 3:50 a.m.•1 views

SUSE CVE-2020-36186

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource...

8.1CVSS8AI score0.05218EPSS

Exploits1References3

BDU FSTEC•added 2022/06/27 12:0 a.m.•6 views

The vulnerability of the org.apache.commons.dbcp2.datasources.PerUserPoolDataSource component in the Jackson-databind library of the FasterXML project allows a attacker to execute arbitrary code.

The vulnerability of the org.apache.commons.dbcp2.datasources.PerUserPoolDataSource component in the Jackson-databind library of the FasterXML project is related to the restoration of an unreliable data structure in memory. Exploiting this vulnerability could allow a remote attacker to execute...

9.3CVSS7.7AI score0.07694EPSS

Exploits1References15Affected Software25

OSV•added 2021/12/09 7:16 p.m.•0 views

GHSA-M6X4-97WX-4Q27 Unsafe Deserialization in jackson-databind

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource...

8.1CVSS6.9AI score0.10379EPSS

Exploits1References13

OSV•added 2021/12/09 7:15 p.m.•3 views

GHSA-WH8G-3J2C-RQJ5 Serialization gadgets exploit in jackson-databind

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource...

8.1CVSS6.9AI score0.07694EPSS

Exploits1References13

Github Security Blog•added 2021/11/19 8:13 p.m.•52 views

Unsafe Deserialization in jackson-databind

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource...

8.1CVSS8.6AI score0.05218EPSS

Exploits1References13Affected Software1

BDU FSTEC•added 2021/06/04 12:0 a.m.•3 views

The vulnerability of the `org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource` component in the Jackson-databind library of the FasterXML project allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource component in the Jackson-databind library of the FasterXML project is related to the restoration of unreliable data in memory. Exploiting this vulnerability may allow an attacker to compromise the...

9.3CVSS7.1AI score0.05218EPSS

Exploits1References9Affected Software6

Veracode•added 2021/01/08 6:11 a.m.•28 views

Arbitrary Code Execution

jackson-databind is vulnerable to remote code execution RCE. The vulnerability exists through the lack of sanitization of the org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource class through deserialization...

8.1CVSS4.9AI score0.10379EPSS

Exploits1References10Affected Software3

Veracode•added 2021/01/08 5:55 a.m.•22 views

Arbitrary Code Execution

jackson-databind is vulnerable to arbitrary code execution. The vulnerability exists through the lack of sanitization of the org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource class through deserialization...

8.1CVSS4.6AI score0.05218EPSS

Exploits1References10Affected Software3

Prion•added 2021/01/06 11:15 p.m.•25 views

Design/Logic Flaw

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource...

6.8CVSS8.6AI score0.05218EPSS

Exploits1References10Affected Software43

OSV•added 2021/01/06 11:15 p.m.•3 views

UBUNTU-CVE-2020-36186

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource...

8.1CVSS5.8AI score0.05218EPSS

Exploits1References4

OSV•added 2021/01/06 11:15 p.m.•1 views

UBUNTU-CVE-2020-36184

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource...

8.8CVSS6.9AI score0.10379EPSS

Exploits1References4

Debian CVE•added 2021/01/06 10:30 p.m.•32 views

CVE-2020-36184

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource...

8.8CVSS8.1AI score0.10379EPSS

Exploits1

Positive Technologies•added 2021/01/01 12:0 a.m.•15 views

PT-2021-3159

Name of the Vulnerable Software and Affected Versions FasterXML jackson-databind versions 2.x before 2.9.10.8 Description The issue is related to the interaction between serialization gadgets and typing, specifically with the org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource component...

9.3CVSS6.8AI score0.10911EPSS

Exploits8References43

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by