CVEs (29)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
4Debian FasterxmlNetapp+1 more45Agile Plm Application Testing SuiteAutovue For Agile Product Lifecycle Management+42 moreNov 21, 2024 Jan 6, 2021 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource. |
4Debian FasterxmlNetapp+1 more45Agile Plm Application Testing SuiteAutovue For Agile Product Lifecycle Management+42 moreNov 21, 2024 Jan 6, 2021 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource. |
4Debian FasterxmlNetapp+1 more45Agile Plm Application Testing SuiteAutovue For Agile Product Lifecycle Management+42 moreNov 21, 2024 Jan 6, 2021 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource. |
4Debian FasterxmlNetapp+1 more44Agile Plm Application Testing SuiteAutovue For Agile Product Lifecycle Management+41 moreNov 21, 2024 Jan 6, 2021 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS. |
4Debian FasterxmlNetapp+1 more40Agile Plm Application Testing SuiteAutovue+37 moreApr 29, 2026 Dec 27, 2020 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org....Show more |
4Debian FasterxmlNetapp+1 more26Agile Plm Application Testing SuiteAutovue For Agile Product Lifecycle Management+23 moreNov 21, 2024 Dec 17, 2020 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource. |
4Debian FasterxmlNetapp+1 more25Agile Plm Application Testing SuiteAutovue For Agile Product Lifecycle Management+22 moreNov 21, 2024 Dec 17, 2020 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource. |
6Apache FasterxmlFedoraproject+3 more39Agile Plm Agile Product Lifecycle Management Integration PackBanking Apis+36 moreNov 21, 2024 Dec 3, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is...Show more |
4Apache FedoraprojectGradle+1 more37Agile Engineering Data Management AntApi Gateway+34 moreNov 21, 2024 Oct 1, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file...Show more |