CVE-2021-20190
A flaw was found in jackson-databind before 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.Enginsight
Vendor | Product | Version |
---|---|---|
fasterxml | jackson-databind | 𝑥 < 2.6.7.5 |
fasterxml | jackson-databind | 2.7.0 ≤ 𝑥 < 2.9.10.7 |
netapp | active_iq_unified_manager | - |
netapp | active_iq_unified_manager | - |
netapp | oncommand_api_services | - |
netapp | oncommand_insight | - |
netapp | service_level_manager | - |
apache | nifi | 1.7.0 ≤ 𝑥 ≤ 1.12.1 |
debian | debian_linux | 9.0 |
oracle | commerce_guided_search_and_experience_manager | 11.3.2 |
Debian Releases
Ubuntu Releases
Common Weakness Enumeration