CVE-2020-36188
- EPSS 10.91%
- Veröffentlicht 06.01.2021 23:15:13
- Zuletzt bearbeitet 21.11.2024 05:28:57
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource.
CVE-2020-36189
- EPSS 4.91%
- Veröffentlicht 06.01.2021 23:15:13
- Zuletzt bearbeitet 21.11.2024 05:28:58
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.
CVE-2020-36181
- EPSS 5.02%
- Veröffentlicht 06.01.2021 23:15:12
- Zuletzt bearbeitet 21.11.2024 05:28:55
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS.
CVE-2020-35728
- EPSS 12.5%
- Veröffentlicht 27.12.2020 05:15:11
- Zuletzt bearbeitet 29.04.2026 20:17:55
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.js...
CVE-2020-25649
- EPSS 17.61%
- Veröffentlicht 03.12.2020 17:15:12
- Zuletzt bearbeitet 21.11.2024 05:18:20
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.
CVE-2019-10219
- EPSS 2.17%
- Veröffentlicht 08.11.2019 15:15:11
- Zuletzt bearbeitet 07.07.2025 14:15:21
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.