Lucene search
GoogleOSV:GHSA-V3XW-C963-F5HCHistoryMay 15, 2020 - 6:58 p.m.
jackson-databind mishandles the interaction between serialization gadgets and typing
2020-05-1518:58:50
Google
osv.dev
25
EPSS
0.008
Percentile
81.6%
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).
References
github.com/FasterXML/jackson-databind
github.com/FasterXML/jackson-databind/issues/2664
lists.debian.org/debian-lts-announce/2020/04/msg00012.html
medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
nvd.nist.gov/vuln/detail/CVE-2020-11111
security.netapp.com/advisory/ntap-20200403-0002
www.oracle.com/security-alerts/cpujan2021.html
www.oracle.com/security-alerts/cpujul2020.html
www.oracle.com/security-alerts/cpuoct2020.html
www.oracle.com/security-alerts/cpuoct2021.html
Related
veracode
veracode
Remote Code Execution
2020-05-19 05:34:39
osv
osv
CVE-2020-11111
2020-03-31 05:15:13
jackson-databind - security update
2020-04-18 00:00:00
jackson-databind vulnerabilities
2021-03-15 21:47:52
vulnrichment
vulnrichment
CVE-2020-11111
2020-03-31 04:37:49
cve
cve
CVE-2020-11111
2020-03-31 05:15:13
ubuntucve
ubuntucve
CVE-2020-11111
2020-03-31 00:00:00
nvd
nvd
CVE-2020-11111
2020-03-31 05:15:13
debiancve
debiancve
CVE-2020-11111
2020-03-31 05:15:13
cvelist
cvelist
CVE-2020-11111
2020-03-31 04:37:49
github
github
redhatcve
redhatcve
CVE-2020-11111
2020-04-06 14:35:37
prion
prion
Design/Logic Flaw
2020-03-31 05:15:00
atlassian
atlassian
redhat
redhat
(RHSA-2020:1523) Important: rh-maven35-jackson-databind security update
2020-04-21 11:44:53
(RHSA-2020:5625) Moderate: Red Hat Single Sign-On 7.4.0 security update
2020-12-17 16:36:27
(RHSA-2020:3196) Important: Red Hat Decision Manager 7.8.0 Security Update
2020-07-29 06:02:59
nessus
nessus
RHEL 7 : rh-maven35-jackson-databind (RHSA-2020:1523)
2023-01-23 00:00:00
Debian DLA-2179-1 : jackson-databind security update
2020-04-20 00:00:00
Oracle Primavera Unifier Multiple Vulnerabilities (Jul 2020 CPU)
2020-07-15 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-2179-1)
2020-04-18 00:00:00
Mageia: Security Advisory (MGASA-2021-0153)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-4813-1)
2023-01-27 00:00:00
debian
debian
[SECURITY] [DLA 2179-1] jackson-databind security update
2020-04-17 23:51:40
ibm
ibm
mageia
mageia
Updated jackson-databind packages fix security vulnerabilities
2021-03-27 17:27:02
ubuntu
ubuntu
Jackson Databind vulnerabilities
2021-03-15 00:00:00
hp
hp
HP Device Manager Security Updates
2023-10-20 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2021
2021-01-19 00:00:00
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
Oracle Critical Patch Update Advisory - October 2021
2021-10-19 00:00:00