Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2020-14195

Published: 16/06/2020 Updated: 17/11/2021
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2
VMScore: 607
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Jackson-databind

Vulnerability Summary

FasterXML jackson-databind 2.x prior to 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

fasterxml jackson-databind

netapp active iq unified manager

netapp steelstore cloud integrated storage -

debian debian linux 8.0

oracle agile plm 9.3.6

oracle banking digital experience 18.1

oracle banking digital experience 18.2

oracle banking digital experience 18.3

oracle banking digital experience 19.1

oracle banking digital experience 19.2

oracle banking digital experience 20.1

oracle communications calendar server 8.0.0.4.0

oracle communications contacts server 8.0.0.5.0

oracle communications diameter signaling router

oracle communications element manager

oracle communications evolved communications application server 7.1

oracle communications instant messaging server 10.0.1.4.0

oracle communications session report manager

oracle communications session route manager

Vendor Advisories

Red Hat: Important: Satellite 6.8 release
Synopsis Important: Satellite 68 release Type/Severity Security Advisory: Important Topic An update is now available for Red Hat Satellite 68 for RHEL 7Red Hat Product Security has rated this update as having a security impactof Important A Common Vulnerability Scoring System (CVSS) base score,which giv ...
Red Hat: Important: Red Hat Fuse 7.7.0 release and security update
Synopsis Important: Red Hat Fuse 770 release and security update Type/Severity Security Advisory: Important Topic A minor version update (from 76 to 77) is now available for Red Hat Fuse The purpose of this text-only errata is to inform you about the security issues fixed in this releaseRed Hat Produc ...
Hitachi Security Advisories: Multiple Vulnerabilities in Hitachi Ops Center Common Services
Multiple vulnerabilities have been found in Hitachi Ops Center Common Services CVE-2019-14843, CVE-2019-14887, CVE-2019-20444, CVE-2019-20445, CVE-2020-1728, CVE-2020-1954, CVE-2020-14060, CVE-2020-14061, CVE-2020-14062, CVE-2020-14195 Affected products and versions are listed below Please upgrade your version to the appropriate version ...
Hitachi Security Advisories: Multiple Vulnerabilities in Cosminexus
Cosminexus Component Container contain the following vulnerabilities: CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379, CVE-2019-14439, CVE-2019-14540, CVE-2019-14892, CVE-2019-14893, CVE-2019-16335, CVE-2019-16942, CVE-2019-16943, CVE-2019-17267, CVE-2019-17531, CVE-2019-20330, CVE-2020-8840, CVE-2020-9546, CVE-2020-9547, CVE-20 ...

References

CWE-502https://github.com/FasterXML/jackson-databind/issues/2765https://lists.debian.org/debian-lts-announce/2020/07/msg00001.htmlhttps://security.netapp.com/advisory/ntap-20200702-0003/https://www.oracle.com/security-alerts/cpuoct2020.htmlhttps://www.oracle.com/security-alerts/cpujan2021.htmlhttps://www.oracle.com/security-alerts/cpuApr2021.htmlhttps://www.oracle.com//security-alerts/cpujul2021.htmlhttps://www.oracle.com/security-alerts/cpuoct2021.htmlhttps://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2020:4366https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2020-125/index.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744privilege escalationCVE-2024-30253CVE-2024-3914cross-site scriptingCVE-2024-31497CVE-2024-3400CVE-2024-32341hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook