Lucene search
K

4273 matches found

UbuntuCve
UbuntuCve
added 2020/03/31 5:15 a.m.28 views

CVE-2020-11112

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider aka apache/commons-proxy...

8.8CVSS7.1AI score0.03583EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2020/03/31 5:15 a.m.41 views

CVE-2020-11113

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime aka openjpa...

8.8CVSS7.1AI score0.06278EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2020/03/31 5:15 a.m.31 views

CVE-2020-11111

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq. aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms...

8.8CVSS7.1AI score0.03489EPSS
Exploits0References4
Prion
Prion
added 2020/03/31 5:15 a.m.21 views

Design/Logic Flaw

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq. aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms...

6.8CVSS8.9AI score0.03489EPSS
Exploits0References8Affected Software24
Prion
Prion
added 2020/03/31 5:15 a.m.20 views

Design/Logic Flaw

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime aka openjpa...

6.8CVSS8.9AI score0.06278EPSS
Exploits0References8Affected Software31
OSV
OSV
added 2020/03/31 5:15 a.m.3 views

UBUNTU-CVE-2020-11111

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq. aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms...

8.8CVSS7.2AI score0.03489EPSS
Exploits0References5
OSV
OSV
added 2020/03/31 5:15 a.m.1 views

UBUNTU-CVE-2020-11112

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider aka apache/commons-proxy...

8.8CVSS7.2AI score0.03583EPSS
Exploits0References5
OSV
OSV
added 2020/03/31 5:15 a.m.1 views

UBUNTU-CVE-2020-11113

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime aka openjpa...

8.8CVSS7.2AI score0.06278EPSS
Exploits0References5
CVE
CVE
added 2020/03/31 4:37 a.m.446 views

CVE-2020-11111

CVE-2020-11111 involves FasterXML Jackson Databind 2.x before 2.9.10.4, where deserialization gadgets and typing interaction (related to org.apache.activemq.*) are mishandled. This can impact confidentiality, integrity and availability. Affected product is Jackson Databind 2.x prior to 2.9.10.4; ...

8.8CVSS8.3AI score0.03489EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2020/03/31 4:37 a.m.24 views

CVE-2020-11111

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq. aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms...

9AI score0.03489EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2020/03/31 4:37 a.m.23 views

CVE-2020-11111

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq. aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms...

6.6AI score0.03489EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2020/03/31 4:37 a.m.28 views

CVE-2020-11111

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq. aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms...

8.8CVSS8.7AI score0.03489EPSS
Exploits0
Cvelist
Cvelist
added 2020/03/31 4:37 a.m.26 views

CVE-2020-11112

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider aka apache/commons-proxy...

9AI score0.03583EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2020/03/31 4:37 a.m.23 views

CVE-2020-11112

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider aka apache/commons-proxy...

6.6AI score0.03583EPSS
Exploits0References8
CVE
CVE
added 2020/03/31 4:37 a.m.421 views

CVE-2020-11112

CVE-2020-11112 affects FasterXML jackson-databind 2.x before 2.9.10.4, where serialization gadgets and typing interaction is mishandled (related to org.apache.commons.proxy.provider.remoting.RmiProvider). This is a deserialization issue that could enable malicious payload execution; affected prod...

8.8CVSS8.3AI score0.03583EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2020/03/31 4:37 a.m.31 views

CVE-2020-11112

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider aka apache/commons-proxy...

8.8CVSS8.7AI score0.03583EPSS
Exploits0
Cvelist
Cvelist
added 2020/03/31 4:37 a.m.30 views

CVE-2020-11113

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime aka openjpa...

9AI score0.06278EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2020/03/31 4:37 a.m.32 views

CVE-2020-11113

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime aka openjpa...

6.7AI score0.06278EPSS
Exploits0References8
CVE
CVE
added 2020/03/31 4:37 a.m.501 views

CVE-2020-11113

CVE-2020-11113 is a deserialization vulnerability in FasterXML jackson-databind (2.x before 2.9.10.4) tied to typing gadget interactions (notably related to org.apache.openjpa.ee.WASRegistryManagedRuntime). The connected documents corroborate an exploit path via unsafe deserialization leading to ...

8.8CVSS8.3AI score0.06278EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2020/03/31 4:37 a.m.33 views

CVE-2020-11113

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime aka openjpa...

8.8CVSS8.7AI score0.06278EPSS
Exploits0
Rows per page
Query Builder