CVEs (25)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
4Debian FasterxmlNetapp+1 more36Active Iq Unified Manager Big Data Spatial And GraphCloud Insights Acquisition Unit+33 moreAug 27, 2025 Mar 11, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. |
3Apache NetappOracle29Active Iq Unified Manager Agile Engineering Data ManagementAgile Plm+26 moreNov 21, 2024 Jan 24, 2022 N/A· v4 6.5 MEDIUM· v3 7.1 HIGH· v2 There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consu...Show more |
4Debian FasterxmlNetapp+1 more18Active Iq Unified Manager Banking PlatformCommunications Contacts Server+15 moreNov 21, 2024 Apr 7, 2020 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly). |
4Debian FasterxmlNetapp+1 more21Active Iq Unified Manager Agile PlmBanking Platform+18 moreApr 29, 2026 Apr 7, 2020 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop). |
4Debian FasterxmlNetapp+1 more32Agile Plm Autovue For Agile Product Lifecycle ManagementBanking Digital Experience+29 moreApr 29, 2026 Mar 31, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). |
4Debian FasterxmlNetapp+1 more31Agile Plm Autovue For Agile Product Lifecycle ManagementBanking Digital Experience+28 moreApr 29, 2026 Mar 31, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy). |
4Debian FasterxmlNetapp+1 more25Agile Plm Autovue For Agile Product Lifecycle ManagementBanking Digital Experience+22 moreNov 21, 2024 Mar 31, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms)...Show more |
4Debian FasterxmlNetapp+1 more31Agile Plm Autovue For Agile Product Lifecycle ManagementBanking Digital Experience+28 moreNov 21, 2024 Mar 26, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane. |
4Debian FasterxmlNetapp+1 more31Agile Plm Autovue For Agile Product Lifecycle ManagementBanking Digital Experience+28 moreNov 21, 2024 Mar 26, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy). |
4Debian FasterxmlNetapp+1 more31Agile Plm Autovue For Agile Product Lifecycle ManagementBanking Digital Experience+28 moreNov 21, 2024 Mar 18, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus). |
4Debian FasterxmlNetapp+1 more31Agile Plm Autovue For Agile Product Lifecycle ManagementBanking Digital Experience+28 moreNov 21, 2024 Mar 18, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jm...Show more |
4Debian FasterxmlNetapp+1 more25Active Iq Unified Manager Agile PlmAutovue For Agile Product Lifecycle Management+22 moreNov 21, 2024 Mar 2, 2020 N/A· v4 9.8 CRITICAL· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). |
4Debian FasterxmlNetapp+1 more16Active Iq Unified Manager Autovue For Agile Product Lifecycle ManagementBanking Platform+13 moreNov 21, 2024 Mar 2, 2020 N/A· v4 9.8 CRITICAL· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap). |
4Debian FasterxmlNetapp+1 more31Active Iq Unified Manager Agile PlmAutovue For Agile Product Lifecycle Management+28 moreApr 29, 2026 Mar 2, 2020 N/A· v4 9.8 CRITICAL· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). |
5Debian FasterxmlHuawei+2 more8Debian Linux Global Lifecycle Management OpatchJackson Databind+5 moreNov 21, 2024 Feb 10, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter. |
4Debian FasterxmlNetapp+1 more30Active Iq Unified Manager Banking PlatformCommunications Billing And Revenue Management+27 moreNov 21, 2024 Jan 3, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking. |
2Dell Oracle18Application Performance Management Bsafe Cert JBsafe Crypto J+15 moreNov 21, 2024 Sep 18, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulne...Show more |
6Debian FasterxmlFedoraproject+3 more17Banking Platform Customer Management And Segmentation FoundationDebian Linux+14 moreNov 21, 2024 Sep 15, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540. |
6Debian FasterxmlFedoraproject+3 more19Banking Platform Customer Management And Segmentation FoundationDebian Linux+16 moreNov 21, 2024 Sep 15, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig. |
6Apache DebianFasterxml+3 more18Banking Platform Communications Diameter Signaling RouterCommunications Instant Messaging Server+15 moreNov 21, 2024 Jul 30, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint...Show more |