857 matches found

RedhatCVE
added 2021/08/01 4:20 a.m., 193 views

CVE-2018-14721

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization...

CVSS 10 | AI score 5.5 | EPSS 0.10458 | Exploits 0 | References 2
Microsoft Secure
added 2021/07/27 4:00 p.m., 232 views

Combing through the fuzz: Using fuzzy hashing and deep learning to counter malware detection evasion techniques

Today’s cybersecurity threats continue to find ways to fly and stay under the radar. Cybercriminals use polymorphic malware because a slight change in the binary code or script could allow the said threats to avoid detection by traditional antivirus software. Threat actors customize their wares...

AI score 7 | Exploits 0
RedhatCVE
added 2021/07/18 12:18 a.m., 40 views

CVE-2019-14379

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the ehcache and logback JNDI gadgets when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLAS...

CVSS 9.8 | AI score 1.7 | EPSS 0.08045 | Exploits 0 | References 3
RedhatCVE
added 2021/07/18 12:13 a.m., 52 views

CVE-2019-12086

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint, the service has the mysql-connector-java jar 8.0.14 or earlier in the classpath, and an...

CVSS 7.5 | AI score 1.5 | EPSS 0.21949 | Exploits 2 | References 3
RedhatCVE
added 2021/07/17 11:47 p.m., 471 views

CVE-2017-15095

A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes...

CVSS 9.8 | AI score 0.5 | EPSS 0.37925 | Exploits 7 | References 2
OSV
added 2021/06/26 11:02 a.m., 2 views

OESA-2021-1236 rubygem-actionpack security update

Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn't require a browser. Security Fixes: A possible information disclosure/unintended method execution vulnerability...

CVSS 7.5 | AI score 6.9 | EPSS 0.04195 | Exploits 1 | References 2
RedhatCVE
added 2021/06/13 6:35 a.m., 40 views

CVE-2018-14719

A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using blaze classes. An attacker could use this flaw to execute arbitrary code...

CVSS 9.8 | AI score 3.9 | EPSS 0.09682 | Exploits 0 | References 2
The Hacker News
added 2021/06/03 5:01 p.m., 640 views

Necro Python Malware Upgrades With New Exploits and Crypto Mining Capabilities

New upgrades have been made to a Python-based "self-replicating, polymorphic bot" called Necro in what's seen as an attempt to improve its chances of infecting vulnerable systems and evading detection. "Although the bot was originally discovered earlier this year, the latest activity shows numero...

CVSS 10 | AI score 10 | EPSS 0.9957 | Exploits 100
OSV
added 2021/05/27 12:15 p.m., 2 views

DEBIAN-CVE-2021-22885

A possible information disclosure / unintended method execution vulnerability in Action Pack >= 2.0.0 when using the redirect_to or polymorphic_url helper with untrusted user input...

CVSS 7.5 | AI score 6.5 | EPSS 0.04195 | Exploits 1 | References 1
ThreatPost
added 2021/05/19 4:53 p.m., 255 views

Keksec Cybergang Debuts Simps Botnet for Gaming DDoS

A recently developed botnet named “Simps” has emerged from the cyber-underground to carry out distributed denial-of-service (DDoS) attacks on gaming targets and others, using internet of things (IoT) nodes. It’s part of the toolset used by the Keksec cybercrime group, researchers said. According to t...

CVSS 10 | AI score 9.2 | EPSS 0.99975 | Exploits 6 | References 11
Snyk
added 2021/05/05 7:49 p.m., 3 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure. There is a possible information exposure / unintended method execution when using the redirect_to or polymorphic_url helper with untrusted user input. This arises because url_for supports building polymorphic URLs via...

CVSS 7.5 | AI score 6.8 | EPSS 0.04195 | Exploits 1 | References 2
IBM Security Bulletins
added 2021/04/16 3:32 p.m., 49 views

Security Bulletin: Multiple vulnerabilities in FasterXML jackson-databind affect Apache Solr shipped with IBM Operations Analytics - Log Analysis

Summary There are vulnerabilities in various versions of FasterXML jackson-databind that affect Apache Solr. The vulnerabilities are in Vulnerability Details section. Vulnerability Details CVEID: CVE-2018-14718 DESCRIPTION: FasterXML jackson-databind could allow a remote attacker to execute...

CVSS 10 | AI score 1 | EPSS 0.45205 | Exploits 11 | Affected Software 1
Fedora
added 2021/04/09 3:17 p.m., 43 views

[SECURITY] Fedora 33 Update: clamav-0.103.2-1.fc33

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

AI score 1.9 | Exploits 0
Mageia
added 2021/03/27 2:27 p.m., 201 views

Updated jackson-databind packages fix security vulnerabilities

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint, the service has the mysql-connector-java jar 8.0.14 or earlier in the classpath, and an...

CVSS 9.8 | AI score 1.3 | EPSS 0.45205 | Exploits 10 | References 15
OSV
added 2021/03/27 2:27 p.m., 9 views

MGASA-2021-0153 Updated jackson-databind packages fix security vulnerabilities

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint, the service has the mysql-connector-java jar 8.0.14 or earlier in the classpath, and an...

CVSS 9.8 | AI score 7.7 | EPSS 0.45205 | Exploits 10 | References 16
IBM Security Bulletins
added 2021/03/02 3:42 p.m., 28 views

Security Bulletin: Android Mobile SDK compile builder includes vulnerable components

Summary A third party JSON parser that Android Mobile SDK uses includes vulnerable components. The JSON parser is included in the compile builder provided to customers to compile their Mobile SDK manifest. It is not included within customer apps. Vulnerability Details CVEID: CVE-2018-7489...

CVSS 9.8 | AI score 1.6 | EPSS 0.20521 | Exploits 8 | Affected Software 1
The Hacker News
added 2021/01/19 10:59 a.m., 87 views

FreakOut! Ongoing Botnet Attack Exploiting Recent Linux Vulnerabilities

An ongoing malware campaign has been found exploiting recently disclosed vulnerabilities in network-attached storage (NAS) devices running on Linux systems to co-opt the machines into an IRC botnet for launching distributed denial-of-service (DDoS) attacks and mining Monero cryptocurrency. The attack...

CVSS 10 | EPSS 0.99783 | Exploits 16
Veracode
added 2021/01/07 9:36 a.m., 29 views

Deserialization Of Untrusted Object

jackson-databind is vulnerable to deserialization of untrusted data that can lead to remote code execution. It is possible because the untrusted class org.apache.commons.dbcp2.datasources.SharedPoolDataSource was not filtered by default from the interaction between serialization gadgets and...

CVSS 8.1 | AI score 4.5 | EPSS 0.07694 | Exploits 1 | References 11 | Affected Software 3
Veracode
added 2020/12/18 6:05 a.m., 32 views

Deserialization Of Untrusted Object

jackson-databind is vulnerable to deserialization of untrusted data that can lead to remote code execution. It is possible because the untrusted class org.apache.commons.dbcp2.datasources.SharedPoolDataSource was not filtered by default from the interaction between serialization gadgets and...

CVSS 8.1 | AI score 4.5 | EPSS 0.09477 | Exploits 1 | References 11 | Affected Software 3
ThreatPost
added 2020/12/11 8:39 p.m., 47 views

Adrozek Malware Delivers Fake Ads to 30K Devices a Day

A persistent malware campaign called Adrozek has been using an evolved browser modifier to deliver fraudulent ads to search-engine pages, according to Microsoft. At its peak in August, Adrozek was observed on more than 30,000 devices each day, researchers found, affecting multiple browsers. The...

AI score 7.2 | Exploits 0 | References 5