Lucene search
K

6 matches found

RedHat Linux
RedHat Linux
added 2020/12/17 4:40 p.m.2 views

jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.8CVSS7.1AI score0.03489EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/07/29 6:21 a.m.4 views

jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.8CVSS7.1AI score0.03489EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/07/28 3:54 p.m.4 views

jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.8CVSS7.1AI score0.03489EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/05/28 3:58 p.m.11 views

jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory

A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8.8CVSS7.1AI score0.03489EPSS
Exploits0References5
OSV
OSV
added 2020/03/18 10:15 p.m.1 views

DEBIAN-CVE-2020-10672

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory aka aries.transaction.jms...

8.8CVSS6.9AI score0.02959EPSS
Exploits0References1
OSV
OSV
added 2020/03/18 10:15 p.m.4 views

UBUNTU-CVE-2020-10672

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory aka aries.transaction.jms...

8.8CVSS6.9AI score0.02959EPSS
Exploits0References5
Rows per page
Query Builder