Vulnerability Database

296,733

Total vulnerabilities in the database

CVE-2020-36186

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource.

CVSS v3:

  • Severity: High
  • Score: 8.1
  • AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: Medium
  • Score: 6.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

OWASP TOP 10:

Software From Fixed in
debian / debian_linux 9.0 9.0.x
oracle / webcenter_portal 12.2.1.3.0 12.2.1.3.0.x
oracle / primavera_unifier 17.2 17.2.x
oracle / application_testing_suite 13.3.0.1 13.3.0.1.x
oracle / primavera_unifier 18.8 18.8.x
oracle / primavera_unifier 17.7 17.12.x
oracle / agile_plm 9.3.6 9.3.6.x
oracle / communications_policy_management 12.5.0 12.5.0.x
oracle / primavera_unifier 19.12 19.12.x
oracle / webcenter_portal 12.2.1.4.0 12.2.1.4.0.x
oracle / communications_billing_and_revenue_management 12.0.0.3.0 12.0.0.3.0.x
oracle / communications_billing_and_revenue_management 7.5.0.23.0 7.5.0.23.0.x
oracle / communications_services_gatekeeper 7.0 7.0.x
oracle / retail_merchandising_system 15.0.3 15.0.3.x
oracle / communications_evolved_communications_application_server 7.1 7.1.x
oracle / goldengate_application_adapters 19.1.0.0.0 19.1.0.0.0.x
oracle / data_integrator 12.2.1.4.0 12.2.1.4.0.x
oracle / primavera_unifier 20.12 20.12.x
oracle / banking_virtual_account_management 14.3.0 14.3.0.x
oracle / insurance_rules_palette 11.0.2 11.0.2.x
oracle / commerce_platform 11.3.0 11.3.2.x
oracle / commerce_platform 11.2.0 11.2.0.x
oracle / communications_unified_inventory_management 7.4.1 7.4.1.x
oracle / retail_xstore_point_of_service 16.0.6 16.0.6.x
oracle / retail_xstore_point_of_service 17.0.4 17.0.4.x
oracle / retail_xstore_point_of_service 18.0.3 18.0.3.x
oracle / retail_xstore_point_of_service 19.0.2 19.0.2.x
oracle / retail_service_backbone 15.0.3.1 15.0.3.1.x
oracle / retail_service_backbone 14.1.3.2 14.1.3.2.x
oracle / jd_edwards_enterpriseone_tools - 9.2.5.3
oracle / jd_edwards_enterpriseone_orchestrator - 9.2.5.3
oracle / insurance_rules_palette 11.1.0 11.3.0.x
oracle / insurance_policy_administration 11.1.0 11.3.0.x
oracle / insurance_policy_administration 11.0.2 11.0.2.x
oracle / banking_treasury_management 4.4 4.4.x
oracle / primavera_gateway 20.12.0 20.12.0.x
oracle / primavera_gateway 19.12.0 19.12.10.x
oracle / primavera_gateway 18.8.0 18.8.11.x
oracle / primavera_gateway 17.12.0 17.12.11.x
oracle / communications_cloud_native_core_unified_data_repository 1.4.0 1.4.0.x
oracle / communications_network_charging_and_control 12.0.4.0.0 12.0.4.0.0.x
oracle / communications_convergent_charging_controller 12.0.4.0.0 12.0.4.0.0.x
oracle / retail_customer_management_and_segmentation_foundation 16.0 19.0.x
oracle / autovue_for_agile_product_lifecycle_management 21.0.2 21.0.2.x
oracle / documaker 12.6.3 12.6.3.x
oracle / documaker 12.6.4 12.6.4.x
oracle / banking_virtual_account_management 14.2.0 14.2.0.x
oracle / banking_virtual_account_management 14.5.0 14.5.0.x
oracle / retail_service_backbone 16.0.3.0 16.0.3.0.x
oracle / banking_credit_facilities_process_management 14.2 14.2.x
oracle / banking_credit_facilities_process_management 14.3 14.3.x
oracle / banking_credit_facilities_process_management 14.5 14.5.x
oracle / banking_corporate_lending_process_management 14.2 14.2.x
oracle / banking_corporate_lending_process_management 14.3 14.3.x
oracle / banking_corporate_lending_process_management 14.5 14.5.x
oracle / banking_supply_chain_finance 14.2 14.2.x
oracle / banking_supply_chain_finance 14.3 14.3.x
oracle / banking_supply_chain_finance 14.5 14.5.x
oracle / communications_diameter_signaling_route 8.0.0.0 8.5.0.0.x
oracle / communications_session_route_manager 8.2.0.0 8.2.2.1.x
oracle / communications_session_report_manager 8.0.0.0 8.2.2.1.x
oracle / communications_pricing_design_center 12.0.0.4.0 12.0.0.4.0.x
oracle / communications_cloud_native_core_policy 1.14.0 1.14.0.x
oracle / communications_instant_messaging_server 10.0.1.5.0 10.0.1.5.0.x
oracle / communications_offline_mediation_controller 12.0.0.3 12.0.0.3.x
oracle / banking_extensibility_workbench 14.2 14.2.x
oracle / banking_extensibility_workbench 14.3 14.3.x
oracle / banking_extensibility_workbench 14.5 14.5.x
oracle / communications_element_manager 8.2.0.0 8.2.4.0.x
oracle / documaker 12.6.0 12.6.0.x
oracle / blockchain_platform - 21.1.2.x
Maven icon com.fasterxml.jackson.core / jackson-databind 2.0 2.9.10.8
fasterxml / jackson-databind 2.0.0 2.6.7.5
fasterxml / jackson-databind 2.7.0 2.9.10.8