Netapp

Service Level Manager

29 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2020-36185

Exploit
  • EPSS 2.32%
  • Published 06.01.2021 23:15:13
  • Last modified 21.11.2024 05:28:56

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource.

8.1

CVE-2020-36184

Exploit
  • EPSS 5.95%
  • Published 06.01.2021 23:15:13
  • Last modified 21.11.2024 05:28:56

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.

8.1

CVE-2020-36181

Exploit
  • EPSS 7.39%
  • Published 06.01.2021 23:15:12
  • Last modified 21.11.2024 05:28:55

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS.

8.1

CVE-2020-35728

  • EPSS 39.67%
  • Published 27.12.2020 05:15:11
  • Last modified 27.08.2025 21:15:36

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.js...

8.1

CVE-2020-35491

Exploit
  • EPSS 8.06%
  • Published 17.12.2020 19:15:14
  • Last modified 21.11.2024 05:27:24

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.

8.1

CVE-2020-35490

Exploit
  • EPSS 5.58%
  • Published 17.12.2020 19:15:14
  • Last modified 21.11.2024 05:27:24

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.

7.5

CVE-2020-25649

  • EPSS 0.01%
  • Published 03.12.2020 17:15:12
  • Last modified 21.11.2024 05:18:20

A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.

6.8

CVE-2020-25689

Exploit
  • EPSS 0.24%
  • Published 02.11.2020 21:15:27
  • Last modified 21.11.2024 05:18:28

A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tries to reconnect in a loop, generating new connections which are not properly closed while not able to connect to domain-controller. This flaw allows ...

7.5

CVE-2020-25644

  • EPSS 0.6%
  • Published 06.10.2020 14:15:12
  • Last modified 21.11.2024 05:18:19

A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. It may allow the attacker to cause OOM leading to a denial of service. The highest threat from this vulnerability is to system availab...

9.8

CVE-2020-8840

  • EPSS 8.16%
  • Published 10.02.2020 21:56:10
  • Last modified 21.11.2024 05:39:32

FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.