Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-35728

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

8.1CVSS7.4AI score0.12504EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/07/28 3:54 p.m.4 views

jackson-databind: Serialization gadgets in classes of the xalan package

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or...

9.8CVSS7.4AI score0.03958EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/05/28 3:58 p.m.7 views

jackson-databind: Serialization gadgets in classes of the xalan package

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or...

9.8CVSS7.4AI score0.03958EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/03/18 5:36 p.m.3 views

jackson-databind: Serialization gadgets in classes of the xalan package

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or...

9.8CVSS7.4AI score0.03958EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/03/18 2:51 p.m.5 views

jackson-databind: Serialization gadgets in classes of the xalan package

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or...

9.8CVSS7.4AI score0.03958EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/03/05 1:12 p.m.4 views

jackson-databind: Serialization gadgets in classes of the xalan package

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or...

9.8CVSS7.4AI score0.03958EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/02/06 8:34 a.m.5 views

jackson-databind: Serialization gadgets in classes of the xalan package

A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as enableDefaultTyping or when @JsonTypeInfo is using Id.CLASS or...

9.8CVSS7.4AI score0.03958EPSS
Exploits0References4
Rows per page
Query Builder