Show filters
26 Total Results
Displaying 11-20 of 26
Sort by:
Attacker Value
Unknown
CVE-2020-11112
Disclosure Date: March 31, 2020 (last updated November 08, 2023)
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).
0
Attacker Value
Unknown
CVE-2020-11111
Disclosure Date: March 31, 2020 (last updated November 08, 2023)
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).
0
Attacker Value
Unknown
CVE-2020-11113
Disclosure Date: March 31, 2020 (last updated November 08, 2023)
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).
0
Attacker Value
Unknown
CVE-2020-10969
Disclosure Date: March 26, 2020 (last updated November 08, 2023)
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.
0
Attacker Value
Unknown
CVE-2020-10968
Disclosure Date: March 26, 2020 (last updated November 08, 2023)
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).
0
Attacker Value
Unknown
CVE-2020-10672
Disclosure Date: March 18, 2020 (last updated November 08, 2023)
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).
0
Attacker Value
Unknown
CVE-2020-10673
Disclosure Date: March 18, 2020 (last updated November 08, 2023)
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).
0
Attacker Value
Unknown
CVE-2020-9546
Disclosure Date: March 02, 2020 (last updated November 08, 2023)
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).
0
Attacker Value
Unknown
CVE-2020-9548
Disclosure Date: March 02, 2020 (last updated November 08, 2023)
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).
0
Attacker Value
Unknown
CVE-2019-10097
Disclosure Date: September 26, 2019 (last updated November 08, 2023)
In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted proxy and not by untrusted HTTP clients.
0
