Lucene search
K

8 matches found

RedHat Linux
RedHat Linux
added 2019/12/02 4:24 p.m.4 views

jackson-databind: arbitrary code execution in slf4j-ext class

A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using slf4j classes. An attacker could use this flaw to execute arbitrary code...

9.8CVSS7.6AI score0.12679EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/11/14 9:17 p.m.4 views

jackson-databind: arbitrary code execution in slf4j-ext class

A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using slf4j classes. An attacker could use this flaw to execute arbitrary code...

9.8CVSS7.6AI score0.12679EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/10/17 2:54 p.m.3 views

jackson-databind: arbitrary code execution in slf4j-ext class

A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using slf4j classes. An attacker could use this flaw to execute arbitrary code...

9.8CVSS7.6AI score0.12679EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/09/17 1:45 p.m.3 views

jackson-databind: arbitrary code execution in slf4j-ext class

A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using slf4j classes. An attacker could use this flaw to execute arbitrary code...

9.8CVSS7.6AI score0.12679EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/07/16 4:21 p.m.1 views

jackson-databind: arbitrary code execution in slf4j-ext class

A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using slf4j classes. An attacker could use this flaw to execute arbitrary code...

9.8CVSS7.6AI score0.12679EPSS
Exploits0References4
CNVD
CNVD
added 2019/01/03 12:0 a.m.3 views

FasterXML jackson-databind arbitrary code execution vulnerability (CNVD-2019-15941)

FasterXML Jackson is a U.S. FasterXML company for Java data processing tools . Jackson-databind is one of the components with data binding capabilities . An arbitrary code execution vulnerability exists in FasterXML Jackson-databind version 2.x prior to 2.9.7. The vulnerability stems from the...

9.8CVSS9.6AI score0.12679EPSS
Exploits0References1
OSV
OSV
added 2019/01/02 6:29 p.m.1 views

DEBIAN-CVE-2018-14718

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization...

9.8CVSS8.9AI score0.12679EPSS
Exploits0References1
OSV
OSV
added 2018/03/20 4:29 p.m.1 views

UBUNTU-CVE-2018-8088

org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. EventData in the slf4j-ext module in QOS.CH SLF4J, has been fixed in SLF4J versions 1.7.26 later and in the 2.0.x series...

9.8CVSS6.8AI score0.15087EPSS
Exploits0References5
Rows per page
Query Builder