Lucene search
K

14 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2020-36179

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

8.8CVSS7.1AI score0.20929EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2020-36189

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

8.1CVSS7.4AI score0.04912EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:8 a.m.4 views

SUSE CVE-2019-16335

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540...

9.8CVSS7.3AI score0.04918EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:7 a.m.3 views

SUSE CVE-2019-17267

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup...

7.5CVSS7AI score0.0459EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/01/01 12:0 a.m.14 views

PT-2021-3160

Name of the Vulnerable Software and Affected Versions FasterXML jackson-databind versions 2.x before 2.9.10.8 FasterXML jackson-databind versions 2.6.7.5 and earlier Description The issue is related to the interaction between serialization gadgets and typing, specifically with...

9.3CVSS6.8AI score0.20929EPSS
Exploits3References46
Positive Technologies
Positive Technologies
added 2021/01/01 12:0 a.m.14 views

PT-2021-3161

Name of the Vulnerable Software and Affected Versions FasterXML jackson-databind versions 2.x before 2.9.10.8 FasterXML jackson-databind versions 2.6.7.5 and earlier Description The issue is related to the interaction between serialization gadgets and typing, specifically with the...

9.3CVSS6.8AI score0.05018EPSS
Exploits3References44
RedHat Linux
RedHat Linux
added 2020/10/27 12:58 p.m.7 views

jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider

A flaw was found in jackson-databind 2.x prior to version 2.9.10.4. The interaction between serialization gadgets and typing is mishandled in the bus-proxy. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.8CVSS7.1AI score0.03538EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/09/17 1:7 p.m.6 views

jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider

A flaw was found in jackson-databind 2.x prior to version 2.9.10.4. The interaction between serialization gadgets and typing is mishandled in the bus-proxy. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.8CVSS7.1AI score0.03538EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/09/07 12:57 p.m.2 views

jackson-databind: Serialization gadgets in shaded-hikari-config

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8CVSS7.1AI score0.04613EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/05/28 3:58 p.m.8 views

jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.8CVSS7.1AI score0.03583EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2020/04/09 10:54 a.m.26 views

CVE-2019-12814

A new polymorphic typing flaw was discovered in FasterXML jackson-databind, versions 2.x through 2.9.9. With default typing enabled, an attacker can send a specifically crafted JSON message to the server that allows them to read arbitrary local files. Mitigation This vulnerability relies on jdom...

7.5CVSS3.8AI score0.10951EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2019/10/24 9:18 a.m.8 views

jackson-databind: default typing mishandling leading to remote code execution

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the ehcache and logback JNDI gadgets when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLAS...

9.8CVSS7.4AI score0.08045EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/09/30 10:57 p.m.6 views

jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message.

A new polymorphic typing flaw was discovered in FasterXML jackson-databind, versions 2.x through 2.9.9. With default typing enabled, an attacker can send a specifically crafted JSON message to the server that allows them to read arbitrary local files...

5.9CVSS7.5AI score0.10951EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2019/06/19 12:0 a.m.7 views

PT-2019-3866 · Fasterxml +3 · Jackson-Databind +3

Name of the Vulnerable Software and Affected Versions: FasterXML jackson-databind versions 2.x through 2.9.9 Description: A Polymorphic Typing issue was discovered in FasterXML jackson-databind. When Default Typing is enabled for an externally exposed JSON endpoint and the service has JDOM 1.x or...

10CVSS7.7AI score0.45205EPSS
Exploits10References274
Rows per page
Query Builder