ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.
| Π Π΅Π»ΠΈΠ· | Π‘ΡΠ°ΡΡΡ | ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅ |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | not-affected | 2.10.1-1 |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | not-affected | 2.10.1-1 |
| esm-apps/jammy | not-affected | 2.10.1-1 |
| esm-apps/noble | not-affected | 2.10.1-1 |
| esm-apps/xenial | released | 2.4.2-3ubuntu0.1~esm2 |
| esm-infra-legacy/trusty | needs-triage |
ΠΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡ ΠΏΠΎ
Π‘ΡΡΠ»ΠΊΠΈ Π½Π° ΠΈΡΡΠΎΡΠ½ΠΈΠΊΠΈ
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3
Π‘Π²ΡΠ·Π°Π½Π½ΡΠ΅ ΡΡΠ·Π²ΠΈΠΌΠΎΡΡΠΈ
FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.
FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.
FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.eh ...
Deserialization of Untrusted Data in jackson-databind
Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡΡ Π±ΠΈΠ±Π»ΠΈΠΎΡΠ΅ΠΊΠΈ Jackson-databind, ΡΠ²ΡΠ·Π°Π½Π½Π°Ρ Ρ Π²ΠΎΡΡΡΠ°Π½ΠΎΠ²Π»Π΅Π½ΠΈΠ΅ΠΌ Π½Π΅Π΄ΠΎΡΡΠΎΠ²Π΅ΡΠ½ΡΡ Π΄Π°Π½Π½ΡΡ Π² ΠΏΠ°ΠΌΡΡΠΈ, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡΡΠ°Ρ Π½Π°ΡΡΡΠΈΡΠ΅Π»Ρ ΠΏΠΎΠ»ΡΡΠΈΡΡ Π½Π΅ΡΠ°Π½ΠΊΡΠΈΠΎΠ½ΠΈΡΠΎΠ²Π°Π½Π½ΡΠΉ Π΄ΠΎΡΡΡΠΏ ΠΊ Π·Π°ΡΠΈΡΠ°Π΅ΠΌΠΎΠΉ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΈ ΠΈΠ»ΠΈ Π²ΡΠ·Π²Π°ΡΡ ΠΎΡΠΊΠ°Π· Π² ΠΎΠ±ΡΠ»ΡΠΆΠΈΠ²Π°Π½ΠΈΠΈ
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3