Fasterxml Vulnerabilità

Sequenza temporale

Genere

Programming Language Software	68

Prodotto

FasterXML jackson-databind	65
FasterXML jackson-dataformat-cbor	1
FasterXML Jackson Databind	1
FasterXML Jackson	1

Contromisure

Official Fix	61
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	7

Sfruttabilità

High	0
Functional	0
Proof-of-Concept	0
Unproven	0
Not Defined	68

Accesso al vettore

Not Defined	0
Physical	0
Local	0
Adjacent	13
Network	55

Autenticazione

Not Defined	0
High	0
Low	20
None	48

Interazione dell'utente

Not Defined	0
Required	8
None	60

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	2
≤5	1
≤6	10
≤7	12
≤8	10
≤9	23
≤10	10

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	2
≤5	1
≤6	10
≤7	14
≤8	12
≤9	19
≤10	10

VulDB

≤1	0
≤2	0
≤3	0
≤4	4
≤5	1
≤6	12
≤7	13
≤8	21
≤9	7
≤10	10

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	2
≤7	1
≤8	8
≤9	14
≤10	26

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	2
≤9	0
≤10	0

Fornitore

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploiter 0 giorni

<1k	3
<2k	27
<5k	38
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploiter aujourd'hui

<1k	67
<2k	1
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Sfrutta il volume del mercato

🔴 CTI Attività

Affected Products (4): Jackson (1), Jackson Databind (1), jackson-databind (65), jackson-dataformat-cbor (1)

Data di pubblicazione	Base	Temp	Vulnerabilità	Prod	Sfr	Con	EPSS	CTI	CVE
14/06/2023	6.5	6.5	FasterXML jackson-databind Cyclic Dependency escalazione di privilegi	Programming Language Software	Not Defined	Not Defined	0.00043	0.04	CVE-2023-35116
27/12/2022	7.2	7.0	FasterXML jackson-databind ignite-jta/quartz-core escalazione di privilegi	Programming Language Software	Not Defined	Official Fix	0.00402	0.03	CVE-2020-10650
02/10/2022	3.5	3.4	FasterXML jackson-databind Array BeanDeserializer._deserializeFromArray denial of service	Programming Language Software	Not Defined	Official Fix	0.00243	0.00	CVE-2022-42004
02/10/2022	5.5	5.4	FasterXML jackson-databind Deserialize denial of service	Programming Language Software	Not Defined	Official Fix	0.00233	0.03	CVE-2022-42003
11/03/2022	3.5	3.4	FasterXML jackson-databind Java denial of service	Programming Language Software	Not Defined	Official Fix	0.00218	0.00	CVE-2020-36518
18/02/2021	5.3	5.1	FasterXML jackson-dataformat-cbor buffer overflow	Programming Language Software	Not Defined	Official Fix	0.00110	0.02	CVE-2020-28491
20/01/2021	6.8	6.5	FasterXML jackson-databind escalazione di privilegi	Programming Language Software	Not Defined	Official Fix	0.00431	0.04	CVE-2021-20190
07/01/2021	6.3	6.3	FasterXML jackson-databind Privilege Escalation	Programming Language Software	Not Defined	Official Fix	0.00262	0.00	CVE-2020-36189
07/01/2021	6.3	6.3	FasterXML jackson-databind Privilege Escalation	Programming Language Software	Not Defined	Official Fix	0.00262	0.00	CVE-2020-36188
07/01/2021	6.3	6.3	FasterXML jackson-databind Privilege Escalation	Programming Language Software	Not Defined	Official Fix	0.00262	0.00	CVE-2020-36187

58 non vengono visualizzate più voci

🔒 Login Required

You need to signup and login to see more of the remaining 58 results.

◂ PrecedenteVisione D'insiemeIl prossimo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!