logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2020-35491

Description

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.


Affected Package


OS OS Version Package Name Package Version
ubuntu 20.04 jackson-databind any
ubuntu 22.04 jackson-databind any
ubuntu upstream jackson-databind any
ubuntu 14.04 jackson-databind any
ubuntu upstream jackson-databind any
ubuntu 16.04 jackson-databind any

Related