Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2020-24750

Disclosure Date: September 17, 2020 (last updated February 22, 2025)
FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-8203

Disclosure Date: July 15, 2020 (last updated February 21, 2025)
Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0