Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017597)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017597 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

Astra Linux – Vulnerability in Jackson-Databind

FasterXML Jackson-Databind 2.x versions before 2.9.10.8 mishandle the interaction between serialization gadgets and typing, related to com.newrelic agent.deps.ch.qos.logback.core.db.JNDIConnectionSource...

EUVD-2019-0658

Malware in sbrugna...

EUVD-2019-0670

Malware in sbrugna...

EUVD-2020-0399

Malware in sbrugna...

jackson-databind: Serialization gadgets in shaded-hikari-config

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

Astra Linux - уязвимость в jackson-databind

FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource aka Anteros-DBCP...

SUSE CVE-2020-9548

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig aka anteros-core...

SUSE CVE-2020-24616

FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource aka Anteros-DBCP...

Security Bulletin: Jackson-databind vulnerabilities affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-14439, CVE-2019-14379)

Summary Jackson-databind is vulnerable to a remote attacker obtaining sensitive information or executing arbitrary code on the system which affects IBM Spectrum Control formerly Tivoli Storage Productivity Center. Vulnerability Details CVE-ID: CVE-2019-14439 Description: FasterXML jackson-databin...

OESA-2021-1051 jackson-databind security update

The general-purpose data-binding functionality and tree-model for Jackson Data Processor. It builds on core streaming parser/generator package, and uses Jackson Annotations for configuration. Security Fixes: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between...

CVE-2020-36180

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS...

UBUNTU-CVE-2020-36182

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS...

DEBIAN-CVE-2020-36185

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource...

DEBIAN-CVE-2020-36181

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS...

UBUNTU-CVE-2020-36184

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource...

DEBIAN-CVE-2020-35491

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource...

jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

FreeBSD : Payara -- A Polymorphic Typing issue in FasterXML jackson-databind (bd159669-0808-11eb-a3a4-0019dbb15b3f)

Payara Releases reports : The following is a list of tracked Common Vulnerabilities and Exposures that have been reported and analyzed, which can or have impacted Payara Server across releases : - CVE-2019-12086 A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before...

jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...