Количество 7
Количество 7
CVE-2020-10672
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).
CVE-2020-10672
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).
CVE-2020-10672
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).
CVE-2020-10672
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...
GHSA-95cm-88f5-f2c7
jackson-databind mishandles the interaction between serialization gadgets and typing
BDU:2021-00768
Уязвимость компонента org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory библиотеки Jackson-databind проекта FasterXML, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
RLSA-2020:1644
Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-10672 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). | CVSS3: 8.8 | 40% Средний | больше 5 лет назад |
 | CVE-2020-10672 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). | CVSS3: 8.1 | 40% Средний | больше 5 лет назад |
 | CVE-2020-10672 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). | CVSS3: 8.8 | 40% Средний | больше 5 лет назад |
| CVE-2020-10672 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ... | CVSS3: 8.8 | 40% Средний | больше 5 лет назад |
| GHSA-95cm-88f5-f2c7 jackson-databind mishandles the interaction between serialization gadgets and typing | CVSS3: 8.8 | 40% Средний | около 5 лет назад |
 | BDU:2021-00768 Уязвимость компонента org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory библиотеки Jackson-databind проекта FasterXML, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации | CVSS3: 8.8 | 40% Средний | больше 5 лет назад |
 | RLSA-2020:1644 Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update | около 5 лет назад |
Уязвимостей на страницу