Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added yesterday3 views

CVE-2026-54514

A flaw was found in jackson-databind, a library used for processing JSON data. This vulnerability allows a remote attacker to force the application to perform an attacker-chosen DNS Domain Name System query. This occurs when untrusted JSON input containing specific network address information is...

5.3CVSS5.7AI score0.00219EPSS
Exploits0References6
EUVD
EUVD
added 2025/12/16 12:30 a.m.8 views

EUVD-2025-203473

Pentaho Data Integration and Analytics Community Dashboard Editor plugin versions before 10.2.0.4, including 9.3.0.x and 8.3.x, deserialize untrusted JSON data without constraining the parser to approved classes and methods...

8.8CVSS6.5AI score0.00362EPSS
Exploits0References2
OSV
OSV
added 2022/10/10 10:15 p.m.4 views

UBUNTU-CVE-2022-3433

The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying unordered-containers library by sending specially crafted JSON data, resulting in a denial of service...

6.5CVSS5.8AI score0.0071EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2020/02/19 7:55 p.m.3 views

jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection

A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the extend function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with...

6.1CVSS6.7AI score0.87218EPSS
Exploits4References6
Rows per page
Query Builder