Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8
CVE-2019-14892
- EPSS 5.44%
- Veröffentlicht 02.03.2020 17:15:17
- Zuletzt bearbeitet 21.11.2024 04:27:37
A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to ex...
6.1
CVE-2019-14862
- EPSS 1.99%
- Veröffentlicht 02.01.2020 15:15:12
- Zuletzt bearbeitet 21.11.2024 04:27:31
There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it.
6.1
CVE-2019-14863
- EPSS 1.38%
- Veröffentlicht 02.01.2020 15:15:12
- Zuletzt bearbeitet 20.11.2025 18:00:14
There is a vulnerability in all angular versions before 1.5.0-beta.0, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it.