Download
| Alert*
oval:org.secpod.oval:def:66836
The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Security Fix: * jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig * jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource * jackson-databind: Se ... oval:org.secpod.oval:def:117196 Core part of Jackson that defines Streaming API as well as basic shared abstractions. oval:org.secpod.oval:def:117193 Project for parent pom for all Jackson components. oval:org.secpod.oval:def:117190 The general-purpose data-binding functionality and tree-model for Jackson Data Processor. It builds on core streaming parser/generator package, and uses Jackson Annotations for configuration. oval:org.secpod.oval:def:117191 Core annotations used for value types, used by Jackson data-binding package. oval:org.secpod.oval:def:117188 A "bill of materials" POM for Jackson dependencies. oval:org.secpod.oval:def:59580 It was discovered that libjackson2-databind-java, a Java library used to parse JSON and other data formats, did not properly validate user input before attempting deserialization. This allowed an attacker providing maliciously crafted input to perform code execution, or read arbitrary files on the s ... oval:org.secpod.oval:def:69547 The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Security Fix: * jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig * jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource * jackson-databind: Se ... oval:org.secpod.oval:def:604554 It was discovered that libjackson2-databind-java, a Java library used to parse JSON and other data formats, did not properly validate user input before attempting deserialization. This allowed an attacker providing maliciously crafted input to perform code execution, or read arbitrary files on the s ... oval:org.secpod.oval:def:1505303 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:69914 It was discovered that libjackson2-databind-java, a Java library used to parse JSON and other data formats, did not properly validate user input before attempting deserialization. This allowed an attacker providing maliciously crafted input to perform code execution, or read arbitrary files on the s ... oval:org.secpod.oval:def:2500199 The Public Key Infrastructure Core contains fundamental packages required by AlmaLinux Certificate System. |