CVE-2020-36188
- EPSS 10.91%
- Veröffentlicht 06.01.2021 23:15:13
- Zuletzt bearbeitet 21.11.2024 05:28:57
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource.
CVE-2020-36187
- EPSS 5.2%
- Veröffentlicht 06.01.2021 23:15:13
- Zuletzt bearbeitet 21.11.2024 05:28:57
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.
CVE-2020-36186
- EPSS 5.22%
- Veröffentlicht 06.01.2021 23:15:13
- Zuletzt bearbeitet 21.11.2024 05:28:56
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource.
CVE-2020-36185
- EPSS 5.22%
- Veröffentlicht 06.01.2021 23:15:13
- Zuletzt bearbeitet 21.11.2024 05:28:56
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource.
CVE-2020-36184
- EPSS 10.38%
- Veröffentlicht 06.01.2021 23:15:13
- Zuletzt bearbeitet 21.11.2024 05:28:56
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.
CVE-2020-36181
- EPSS 5.02%
- Veröffentlicht 06.01.2021 23:15:12
- Zuletzt bearbeitet 21.11.2024 05:28:55
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS.
CVE-2020-35728
- EPSS 12.5%
- Veröffentlicht 27.12.2020 05:15:11
- Zuletzt bearbeitet 29.04.2026 20:17:55
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.js...
CVE-2020-35491
- EPSS 9.48%
- Veröffentlicht 17.12.2020 19:15:14
- Zuletzt bearbeitet 21.11.2024 05:27:24
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.
CVE-2020-35490
- EPSS 7.69%
- Veröffentlicht 17.12.2020 19:15:14
- Zuletzt bearbeitet 21.11.2024 05:27:24
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.
CVE-2020-17521
- EPSS 1.05%
- Veröffentlicht 07.12.2020 20:15:12
- Zuletzt bearbeitet 21.11.2024 05:08:16
Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operatin...