CVE-2020-10672 – jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution
https://notcve.org/view.php?id=CVE-2020-10672
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). FasterXML jackson-databind versiones 2.x anteriores a 2.9.10.4, maneja inapropiadamente la interacción entre los gadgets de serialización y escritura, relacionados con org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (también se conoce como aries.transaction.jms). A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://github.com/FasterXML/jackson-databind/issues/2659 https://lists.debian.org/debian-lts-announce/2020/03/msg00027.html https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 https://security.netapp.com/advisory/ntap-20200403-0002 https://www.oracle.com/security-alerts/cpujan2021.html https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/security-alerts/cpuoct2020.html https://www.oracle.com/security-alerts/cpuoct2021 • CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') CWE-502: Deserialization of Untrusted Data •
CVE-2020-10673 – jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution
https://notcve.org/view.php?id=CVE-2020-10673
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus). FasterXML jackson-databind versiones 2.x anteriores a 2.9.10.4, maneja inapropiadamente la interacción entre los gadgets de serialización y escritura, relacionada con com.caucho.config.types.ResourceRef (también se conoce como caucho-quercus). A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://github.com/Al1ex/CVE-2020-10673 https://github.com/harry1080/CVE-2020-10673 https://github.com/FasterXML/jackson-databind/issues/2660 https://lists.debian.org/debian-lts-announce/2020/03/msg00027.html https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 https://security.netapp.com/advisory/ntap-20200403-0002 https://www.oracle.com/security-alerts/cpujan2021.html https://www.oracle.com/security-alerts/cpujul2020.html https:/ • CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') CWE-502: Deserialization of Untrusted Data •
CVE-2020-9546 – jackson-databind: Serialization gadgets in shaded-hikari-config
https://notcve.org/view.php?id=CVE-2020-9546
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). FasterXML jackson-databind versiones 2.x anteriores a 2.9.10.4 maneja inapropiadamente la interacción entre la serialización de gadgets y el tipeo, relacionada a org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (también se conoce como shaded hikari-config). A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://github.com/FasterXML/jackson-databind/issues/2631 https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd%40%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18%40%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1%40%3Cdev.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb%40%3Cissues.zookeeper.apache.org%3E https: • CWE-502: Deserialization of Untrusted Data •
CVE-2020-9548 – jackson-databind: Serialization gadgets in anteros-core
https://notcve.org/view.php?id=CVE-2020-9548
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). FasterXML jackson-databind versiones 2.x anteriores a 2.9.10.4, maneja inapropiadamente la interacción entre la serialización de gadgets y el tipeo, relacionada a br.com.anteros.dbcp.AnterosDBCPConfig (también se conoce como anteros-core). A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://github.com/fairyming/CVE-2020-9548 https://github.com/FasterXML/jackson-databind/issues/2634 https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd%40%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1%40%3Cdev.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb%40%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596& • CWE-502: Deserialization of Untrusted Data •
CVE-2020-7060 – global buffer-overflow in mbfl_filt_conv_big5_wchar
https://notcve.org/view.php?id=CVE-2020-7060
When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash. Cuando se usan determinadas funciones de mbstring para convertir codificaciones multibyte, en PHP versiones 7.2.x por debajo de 7.2.27, versiones 7.3.x por debajo de 7.3.14 y versiones 7.4.x por debajo de 7.4.2, es posible suministrar datos que causarán que la función mbfl_filt_conv_big5_wchar lea más allá del buffer asignado. Esto puede conllevar a una divulgación de información o bloqueo. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html https://bugs.php.net/bug.php?id=79037 https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html https://seclists.org/bugtraq/2020/Feb/27 https://seclists.org/bugtraq/2020/Feb/31 https://seclists.org/bugtraq/2021/Jan/3 https://security.gentoo.org/glsa/202003-57 https://security.netapp.com/advisory/ntap-20200221-0002 https://usn.ubuntu.com/4279-1 https://www.debian.org/security/20 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •