| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-16943 | 6.8 |
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) ja
|
13-09-2023 - 14:55 | 01-10-2019 - 17:15 | |
| CVE-2019-16335 | 7.5 |
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.
|
13-09-2023 - 14:55 | 15-09-2019 - 22:15 | |
| CVE-2019-14439 | 5.0 |
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logbac
|
13-09-2023 - 14:54 | 30-07-2019 - 11:15 | |
| CVE-2019-14540 | 7.5 |
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.
|
13-09-2023 - 14:54 | 15-09-2019 - 22:15 | |
| CVE-2019-12384 | 4.3 |
FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on the classpath content, remote code execution may be
|
13-09-2023 - 14:16 | 24-06-2019 - 16:15 | |
| CVE-2019-16942 | 7.5 |
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.
|
08-06-2023 - 18:00 | 01-10-2019 - 17:15 |