CVE-2020-14061 -- jackson-databindID: oval:org.secpod.oval:def:2003905 | Date: (C)2020-10-08 (M)2023-11-13 |
Class: VULNERABILITY | Family: unix |
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory .
Platform: |
Debian 10.x |
Debian 9.x |
Product: |
libjackson2-databind-java |