{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11739?format=json","vulnerability_id":"VCID-uhnv-3cny-qkgx","summary":"Unsafe Deserialization in jackson-databind\nFasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS`.","aliases":[{"alias":"CVE-2020-36179"},{"alias":"GHSA-9gph-22xh-8x98"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/925807?format=json","purl":"pkg:deb/debian/jackson-databind@2.12.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.12.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925795?format=json","purl":"pkg:deb/debian/jackson-databind@2.12.1-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cup-9gdn-yyhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.12.1-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1049531?format=json","purl":"pkg:deb/debian/jackson-databind@2.12.1-1%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cup-9gdn-yyhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.12.1-1%252Bdeb11u1"},{"url":"http://public2.vulnerablecode.io/api/packages/925793?format=json","purl":"pkg:deb/debian/jackson-databind@2.14.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.14.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925796?format=json","purl":"pkg:deb/debian/jackson-databind@2.14.0%2Bds-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.14.0%252Bds-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42026?format=json","purl":"pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.6.7.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16af-yv1z-xufy"},{"vulnerability":"VCID-5r6v-ej7d-ubgv"},{"vulnerability":"VCID-6zee-aqcc-vfbp"},{"vulnerability":"VCID-8h7y-y4pv-cyd3"},{"vulnerability":"VCID-8jw8-6tev-aqgm"},{"vulnerability":"VCID-8tmq-zbmb-m7h4"},{"vulnerability":"VCID-96pq-m4f3-zbad"},{"vulnerability":"VCID-9h46-72hw-bkcr"},{"vulnerability":"VCID-avut-gmwd-jqfp"},{"vulnerability":"VCID-bypv-wfhs-sbe4"},{"vulnerability":"VCID-ceub-d4s9-dkcd"},{"vulnerability":"VCID-cytp-mr4h-g3ds"},{"vulnerability":"VCID-hwnx-vf4v-f3db"},{"vulnerability":"VCID-jcgb-bewy-4kff"},{"vulnerability":"VCID-jx9y-fyfm-bqdr"},{"vulnerability":"VCID-svkb-adja-qfef"},{"vulnerability":"VCID-swqd-uk56-wkat"},{"vulnerability":"VCID-tm7y-tnx3-43dq"},{"vulnerability":"VCID-ukwd-7rkh-sfhj"},{"vulnerability":"VCID-unwq-s63h-uuaw"},{"vulnerability":"VCID-v2pq-1qhm-4qb9"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-wds4-urpb-euby"},{"vulnerability":"VCID-x6g1-qw1v-jbas"},{"vulnerability":"VCID-ypbt-p34k-hfbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.6.7.5"},{"url":"http://public2.vulnerablecode.io/api/packages/41767?format=json","purl":"pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9h46-72hw-bkcr"},{"vulnerability":"VCID-v2pq-1qhm-4qb9"},{"vulnerability":"VCID-v6ek-y7cn-kycd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035607?format=json","purl":"pkg:deb/debian/jackson-databind@2.4.2-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16af-yv1z-xufy"},{"vulnerability":"VCID-2qzn-mkhg-1qh3"},{"vulnerability":"VCID-2x39-rsxh-rkgw"},{"vulnerability":"VCID-3qjf-azsa-fbek"},{"vulnerability":"VCID-3wa1-khqf-x7fv"},{"vulnerability":"VCID-4an1-3hs5-3yd6"},{"vulnerability":"VCID-4vx2-s262-ckbp"},{"vulnerability":"VCID-56sb-829v-6qbz"},{"vulnerability":"VCID-5qfd-jjh1-d3fx"},{"vulnerability":"VCID-5r6v-ej7d-ubgv"},{"vulnerability":"VCID-5te6-415m-c7df"},{"vulnerability":"VCID-6xn4-4gfc-tbgj"},{"vulnerability":"VCID-6zee-aqcc-vfbp"},{"vulnerability":"VCID-75mz-c1ds-vqed"},{"vulnerability":"VCID-7qga-wsz6-kqcn"},{"vulnerability":"VCID-8h7y-y4pv-cyd3"},{"vulnerability":"VCID-8ns6-kacn-dkeg"},{"vulnerability":"VCID-8tmq-zbmb-m7h4"},{"vulnerability":"VCID-96pq-m4f3-zbad"},{"vulnerability":"VCID-9h46-72hw-bkcr"},{"vulnerability":"VCID-9qdt-7p83-4yd8"},{"vulnerability":"VCID-9wej-f7zx-pfeq"},{"vulnerability":"VCID-a5sk-5grx-eyaf"},{"vulnerability":"VCID-avut-gmwd-jqfp"},{"vulnerability":"VCID-bc2x-rwrd-tya6"},{"vulnerability":"VCID-bydt-bkf4-rbh2"},{"vulnerability":"VCID-bypv-wfhs-sbe4"},{"vulnerability":"VCID-ceub-d4s9-dkcd"},{"vulnerability":"VCID-cytp-mr4h-g3ds"},{"vulnerability":"VCID-ec58-s3nd-7yaz"},{"vulnerability":"VCID-fafy-ugq3-cfbn"},{"vulnerability":"VCID-g6up-yqg8-nbep"},{"vulnerability":"VCID-g8gt-d7gz-13e6"},{"vulnerability":"VCID-gtzx-y5f1-vye3"},{"vulnerability":"VCID-hwnx-vf4v-f3db"},{"vulnerability":"VCID-jcgb-bewy-4kff"},{"vulnerability":"VCID-jvp6-892x-nkc7"},{"vulnerability":"VCID-jx9y-fyfm-bqdr"},{"vulnerability":"VCID-m7jp-7n22-4qg8"},{"vulnerability":"VCID-pnt3-1ssq-tqau"},{"vulnerability":"VCID-ruae-hqdg-m7ek"},{"vulnerability":"VCID-svkb-adja-qfef"},{"vulnerability":"VCID-sw29-epz3-g7ep"},{"vulnerability":"VCID-swqd-uk56-wkat"},{"vulnerability":"VCID-tkej-jh51-s7g5"},{"vulnerability":"VCID-tm7y-tnx3-43dq"},{"vulnerability":"VCID-twvp-wxff-zka2"},{"vulnerability":"VCID-u87p-2xgz-e3fj"},{"vulnerability":"VCID-uhnv-3cny-qkgx"},{"vulnerability":"VCID-ukwd-7rkh-sfhj"},{"vulnerability":"VCID-unwq-s63h-uuaw"},{"vulnerability":"VCID-uygc-h93v-vuh8"},{"vulnerability":"VCID-v2pq-1qhm-4qb9"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-v84e-sf92-dqa1"},{"vulnerability":"VCID-w51e-ntqd-8bbg"},{"vulnerability":"VCID-wdgx-34uc-2qa4"},{"vulnerability":"VCID-wds4-urpb-euby"},{"vulnerability":"VCID-wg36-q48g-mkds"},{"vulnerability":"VCID-x4fr-ena4-47fe"},{"vulnerability":"VCID-x6g1-qw1v-jbas"},{"vulnerability":"VCID-x8c2-2u1w-yyfn"},{"vulnerability":"VCID-xnyb-nuwm-pkdr"},{"vulnerability":"VCID-ygs8-4gxq-kygq"},{"vulnerability":"VCID-yp37-9z2d-akaj"},{"vulnerability":"VCID-ypbt-p34k-hfbc"},{"vulnerability":"VCID-zdwv-ycey-myfc"},{"vulnerability":"VCID-ze79-6kcg-nfcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.4.2-2"},{"url":"http://public2.vulnerablecode.io/api/packages/1035608?format=json","purl":"pkg:deb/debian/jackson-databind@2.4.2-2%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16af-yv1z-xufy"},{"vulnerability":"VCID-2qzn-mkhg-1qh3"},{"vulnerability":"VCID-2x39-rsxh-rkgw"},{"vulnerability":"VCID-3qjf-azsa-fbek"},{"vulnerability":"VCID-3wa1-khqf-x7fv"},{"vulnerability":"VCID-4an1-3hs5-3yd6"},{"vulnerability":"VCID-4vx2-s262-ckbp"},{"vulnerability":"VCID-56sb-829v-6qbz"},{"vulnerability":"VCID-5qfd-jjh1-d3fx"},{"vulnerability":"VCID-5r6v-ej7d-ubgv"},{"vulnerability":"VCID-5te6-415m-c7df"},{"vulnerability":"VCID-6xn4-4gfc-tbgj"},{"vulnerability":"VCID-6zee-aqcc-vfbp"},{"vulnerability":"VCID-75mz-c1ds-vqed"},{"vulnerability":"VCID-7qga-wsz6-kqcn"},{"vulnerability":"VCID-8h7y-y4pv-cyd3"},{"vulnerability":"VCID-8ns6-kacn-dkeg"},{"vulnerability":"VCID-8tmq-zbmb-m7h4"},{"vulnerability":"VCID-96pq-m4f3-zbad"},{"vulnerability":"VCID-9h46-72hw-bkcr"},{"vulnerability":"VCID-9qdt-7p83-4yd8"},{"vulnerability":"VCID-9wej-f7zx-pfeq"},{"vulnerability":"VCID-a5sk-5grx-eyaf"},{"vulnerability":"VCID-avut-gmwd-jqfp"},{"vulnerability":"VCID-bc2x-rwrd-tya6"},{"vulnerability":"VCID-bydt-bkf4-rbh2"},{"vulnerability":"VCID-bypv-wfhs-sbe4"},{"vulnerability":"VCID-ceub-d4s9-dkcd"},{"vulnerability":"VCID-cytp-mr4h-g3ds"},{"vulnerability":"VCID-ec58-s3nd-7yaz"},{"vulnerability":"VCID-fafy-ugq3-cfbn"},{"vulnerability":"VCID-g6up-yqg8-nbep"},{"vulnerability":"VCID-g8gt-d7gz-13e6"},{"vulnerability":"VCID-gtzx-y5f1-vye3"},{"vulnerability":"VCID-hwnx-vf4v-f3db"},{"vulnerability":"VCID-jcgb-bewy-4kff"},{"vulnerability":"VCID-jvp6-892x-nkc7"},{"vulnerability":"VCID-jx9y-fyfm-bqdr"},{"vulnerability":"VCID-m7jp-7n22-4qg8"},{"vulnerability":"VCID-pnt3-1ssq-tqau"},{"vulnerability":"VCID-ruae-hqdg-m7ek"},{"vulnerability":"VCID-svkb-adja-qfef"},{"vulnerability":"VCID-sw29-epz3-g7ep"},{"vulnerability":"VCID-swqd-uk56-wkat"},{"vulnerability":"VCID-tkej-jh51-s7g5"},{"vulnerability":"VCID-tm7y-tnx3-43dq"},{"vulnerability":"VCID-twvp-wxff-zka2"},{"vulnerability":"VCID-u87p-2xgz-e3fj"},{"vulnerability":"VCID-uhnv-3cny-qkgx"},{"vulnerability":"VCID-ukwd-7rkh-sfhj"},{"vulnerability":"VCID-unwq-s63h-uuaw"},{"vulnerability":"VCID-uygc-h93v-vuh8"},{"vulnerability":"VCID-v2pq-1qhm-4qb9"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-v84e-sf92-dqa1"},{"vulnerability":"VCID-w51e-ntqd-8bbg"},{"vulnerability":"VCID-wdgx-34uc-2qa4"},{"vulnerability":"VCID-wds4-urpb-euby"},{"vulnerability":"VCID-wg36-q48g-mkds"},{"vulnerability":"VCID-x4fr-ena4-47fe"},{"vulnerability":"VCID-x6g1-qw1v-jbas"},{"vulnerability":"VCID-x8c2-2u1w-yyfn"},{"vulnerability":"VCID-xnyb-nuwm-pkdr"},{"vulnerability":"VCID-ygs8-4gxq-kygq"},{"vulnerability":"VCID-yp37-9z2d-akaj"},{"vulnerability":"VCID-ypbt-p34k-hfbc"},{"vulnerability":"VCID-zdwv-ycey-myfc"},{"vulnerability":"VCID-ze79-6kcg-nfcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.4.2-2%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1036870?format=json","purl":"pkg:deb/debian/jackson-databind@2.8.6-1%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16af-yv1z-xufy"},{"vulnerability":"VCID-2qzn-mkhg-1qh3"},{"vulnerability":"VCID-2x39-rsxh-rkgw"},{"vulnerability":"VCID-3qjf-azsa-fbek"},{"vulnerability":"VCID-3wa1-khqf-x7fv"},{"vulnerability":"VCID-4an1-3hs5-3yd6"},{"vulnerability":"VCID-4vx2-s262-ckbp"},{"vulnerability":"VCID-56sb-829v-6qbz"},{"vulnerability":"VCID-5qfd-jjh1-d3fx"},{"vulnerability":"VCID-5r6v-ej7d-ubgv"},{"vulnerability":"VCID-5te6-415m-c7df"},{"vulnerability":"VCID-6xn4-4gfc-tbgj"},{"vulnerability":"VCID-6zee-aqcc-vfbp"},{"vulnerability":"VCID-75mz-c1ds-vqed"},{"vulnerability":"VCID-7qga-wsz6-kqcn"},{"vulnerability":"VCID-8h7y-y4pv-cyd3"},{"vulnerability":"VCID-8ns6-kacn-dkeg"},{"vulnerability":"VCID-8tmq-zbmb-m7h4"},{"vulnerability":"VCID-96pq-m4f3-zbad"},{"vulnerability":"VCID-9h46-72hw-bkcr"},{"vulnerability":"VCID-9qdt-7p83-4yd8"},{"vulnerability":"VCID-9wej-f7zx-pfeq"},{"vulnerability":"VCID-a5sk-5grx-eyaf"},{"vulnerability":"VCID-avut-gmwd-jqfp"},{"vulnerability":"VCID-bc2x-rwrd-tya6"},{"vulnerability":"VCID-bydt-bkf4-rbh2"},{"vulnerability":"VCID-bypv-wfhs-sbe4"},{"vulnerability":"VCID-ceub-d4s9-dkcd"},{"vulnerability":"VCID-cytp-mr4h-g3ds"},{"vulnerability":"VCID-ec58-s3nd-7yaz"},{"vulnerability":"VCID-fafy-ugq3-cfbn"},{"vulnerability":"VCID-g6up-yqg8-nbep"},{"vulnerability":"VCID-g8gt-d7gz-13e6"},{"vulnerability":"VCID-gtzx-y5f1-vye3"},{"vulnerability":"VCID-hwnx-vf4v-f3db"},{"vulnerability":"VCID-jcgb-bewy-4kff"},{"vulnerability":"VCID-jvp6-892x-nkc7"},{"vulnerability":"VCID-jx9y-fyfm-bqdr"},{"vulnerability":"VCID-m7jp-7n22-4qg8"},{"vulnerability":"VCID-pnt3-1ssq-tqau"},{"vulnerability":"VCID-ruae-hqdg-m7ek"},{"vulnerability":"VCID-svkb-adja-qfef"},{"vulnerability":"VCID-sw29-epz3-g7ep"},{"vulnerability":"VCID-swqd-uk56-wkat"},{"vulnerability":"VCID-tkej-jh51-s7g5"},{"vulnerability":"VCID-tm7y-tnx3-43dq"},{"vulnerability":"VCID-twvp-wxff-zka2"},{"vulnerability":"VCID-u87p-2xgz-e3fj"},{"vulnerability":"VCID-uhnv-3cny-qkgx"},{"vulnerability":"VCID-ukwd-7rkh-sfhj"},{"vulnerability":"VCID-unwq-s63h-uuaw"},{"vulnerability":"VCID-uygc-h93v-vuh8"},{"vulnerability":"VCID-v2pq-1qhm-4qb9"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-v84e-sf92-dqa1"},{"vulnerability":"VCID-w51e-ntqd-8bbg"},{"vulnerability":"VCID-wdgx-34uc-2qa4"},{"vulnerability":"VCID-wds4-urpb-euby"},{"vulnerability":"VCID-wg36-q48g-mkds"},{"vulnerability":"VCID-x4fr-ena4-47fe"},{"vulnerability":"VCID-x6g1-qw1v-jbas"},{"vulnerability":"VCID-x8c2-2u1w-yyfn"},{"vulnerability":"VCID-xnyb-nuwm-pkdr"},{"vulnerability":"VCID-ygs8-4gxq-kygq"},{"vulnerability":"VCID-yp37-9z2d-akaj"},{"vulnerability":"VCID-ypbt-p34k-hfbc"},{"vulnerability":"VCID-zdwv-ycey-myfc"},{"vulnerability":"VCID-ze79-6kcg-nfcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.8.6-1%252Bdeb9u7"},{"url":"http://public2.vulnerablecode.io/api/packages/1037832?format=json","purl":"pkg:deb/debian/jackson-databind@2.9.8-3%2Bdeb10u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16af-yv1z-xufy"},{"vulnerability":"VCID-2qzn-mkhg-1qh3"},{"vulnerability":"VCID-3qjf-azsa-fbek"},{"vulnerability":"VCID-3wa1-khqf-x7fv"},{"vulnerability":"VCID-4an1-3hs5-3yd6"},{"vulnerability":"VCID-4vx2-s262-ckbp"},{"vulnerability":"VCID-5qfd-jjh1-d3fx"},{"vulnerability":"VCID-5te6-415m-c7df"},{"vulnerability":"VCID-6xn4-4gfc-tbgj"},{"vulnerability":"VCID-7qga-wsz6-kqcn"},{"vulnerability":"VCID-8h7y-y4pv-cyd3"},{"vulnerability":"VCID-8ns6-kacn-dkeg"},{"vulnerability":"VCID-8tmq-zbmb-m7h4"},{"vulnerability":"VCID-96pq-m4f3-zbad"},{"vulnerability":"VCID-9h46-72hw-bkcr"},{"vulnerability":"VCID-9qdt-7p83-4yd8"},{"vulnerability":"VCID-a5sk-5grx-eyaf"},{"vulnerability":"VCID-avut-gmwd-jqfp"},{"vulnerability":"VCID-bydt-bkf4-rbh2"},{"vulnerability":"VCID-bypv-wfhs-sbe4"},{"vulnerability":"VCID-cytp-mr4h-g3ds"},{"vulnerability":"VCID-ec58-s3nd-7yaz"},{"vulnerability":"VCID-gtzx-y5f1-vye3"},{"vulnerability":"VCID-hwnx-vf4v-f3db"},{"vulnerability":"VCID-jcgb-bewy-4kff"},{"vulnerability":"VCID-jvp6-892x-nkc7"},{"vulnerability":"VCID-jx9y-fyfm-bqdr"},{"vulnerability":"VCID-pnt3-1ssq-tqau"},{"vulnerability":"VCID-ruae-hqdg-m7ek"},{"vulnerability":"VCID-svkb-adja-qfef"},{"vulnerability":"VCID-swqd-uk56-wkat"},{"vulnerability":"VCID-tkej-jh51-s7g5"},{"vulnerability":"VCID-tm7y-tnx3-43dq"},{"vulnerability":"VCID-twvp-wxff-zka2"},{"vulnerability":"VCID-u87p-2xgz-e3fj"},{"vulnerability":"VCID-uhnv-3cny-qkgx"},{"vulnerability":"VCID-ukwd-7rkh-sfhj"},{"vulnerability":"VCID-uygc-h93v-vuh8"},{"vulnerability":"VCID-v2pq-1qhm-4qb9"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-w51e-ntqd-8bbg"},{"vulnerability":"VCID-wdgx-34uc-2qa4"},{"vulnerability":"VCID-wds4-urpb-euby"},{"vulnerability":"VCID-wg36-q48g-mkds"},{"vulnerability":"VCID-x4fr-ena4-47fe"},{"vulnerability":"VCID-x8c2-2u1w-yyfn"},{"vulnerability":"VCID-xnyb-nuwm-pkdr"},{"vulnerability":"VCID-yp37-9z2d-akaj"},{"vulnerability":"VCID-ypbt-p34k-hfbc"},{"vulnerability":"VCID-ze79-6kcg-nfcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.9.8-3%252Bdeb10u3"},{"url":"http://public2.vulnerablecode.io/api/packages/37271?format=json","purl":"pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16af-yv1z-xufy"},{"vulnerability":"VCID-2x39-rsxh-rkgw"},{"vulnerability":"VCID-4an1-3hs5-3yd6"},{"vulnerability":"VCID-4vx2-s262-ckbp"},{"vulnerability":"VCID-56sb-829v-6qbz"},{"vulnerability":"VCID-5qfd-jjh1-d3fx"},{"vulnerability":"VCID-5r6v-ej7d-ubgv"},{"vulnerability":"VCID-5te6-415m-c7df"},{"vulnerability":"VCID-6zee-aqcc-vfbp"},{"vulnerability":"VCID-75mz-c1ds-vqed"},{"vulnerability":"VCID-7qga-wsz6-kqcn"},{"vulnerability":"VCID-8h7y-y4pv-cyd3"},{"vulnerability":"VCID-8jw8-6tev-aqgm"},{"vulnerability":"VCID-8tmq-zbmb-m7h4"},{"vulnerability":"VCID-96pq-m4f3-zbad"},{"vulnerability":"VCID-9wej-f7zx-pfeq"},{"vulnerability":"VCID-avut-gmwd-jqfp"},{"vulnerability":"VCID-bypv-wfhs-sbe4"},{"vulnerability":"VCID-ceub-d4s9-dkcd"},{"vulnerability":"VCID-cytp-mr4h-g3ds"},{"vulnerability":"VCID-g6up-yqg8-nbep"},{"vulnerability":"VCID-gtzx-y5f1-vye3"},{"vulnerability":"VCID-hwnx-vf4v-f3db"},{"vulnerability":"VCID-jcgb-bewy-4kff"},{"vulnerability":"VCID-jvp6-892x-nkc7"},{"vulnerability":"VCID-jx9y-fyfm-bqdr"},{"vulnerability":"VCID-ruae-hqdg-m7ek"},{"vulnerability":"VCID-svkb-adja-qfef"},{"vulnerability":"VCID-swqd-uk56-wkat"},{"vulnerability":"VCID-tm7y-tnx3-43dq"},{"vulnerability":"VCID-u87p-2xgz-e3fj"},{"vulnerability":"VCID-uhnv-3cny-qkgx"},{"vulnerability":"VCID-ukwd-7rkh-sfhj"},{"vulnerability":"VCID-unwq-s63h-uuaw"},{"vulnerability":"VCID-v2pq-1qhm-4qb9"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-v84e-sf92-dqa1"},{"vulnerability":"VCID-wds4-urpb-euby"},{"vulnerability":"VCID-x6g1-qw1v-jbas"},{"vulnerability":"VCID-x8c2-2u1w-yyfn"},{"vulnerability":"VCID-xnyb-nuwm-pkdr"},{"vulnerability":"VCID-ygs8-4gxq-kygq"},{"vulnerability":"VCID-yp37-9z2d-akaj"},{"vulnerability":"VCID-ypbt-p34k-hfbc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/26374?format=json","purl":"pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16af-yv1z-xufy"},{"vulnerability":"VCID-2ev8-r6cx-a3an"},{"vulnerability":"VCID-2x39-rsxh-rkgw"},{"vulnerability":"VCID-4an1-3hs5-3yd6"},{"vulnerability":"VCID-4vx2-s262-ckbp"},{"vulnerability":"VCID-56sb-829v-6qbz"},{"vulnerability":"VCID-5qfd-jjh1-d3fx"},{"vulnerability":"VCID-5r6v-ej7d-ubgv"},{"vulnerability":"VCID-5te6-415m-c7df"},{"vulnerability":"VCID-6xn4-4gfc-tbgj"},{"vulnerability":"VCID-6zee-aqcc-vfbp"},{"vulnerability":"VCID-75mz-c1ds-vqed"},{"vulnerability":"VCID-7qga-wsz6-kqcn"},{"vulnerability":"VCID-8h7y-y4pv-cyd3"},{"vulnerability":"VCID-8jw8-6tev-aqgm"},{"vulnerability":"VCID-8ns6-kacn-dkeg"},{"vulnerability":"VCID-8tmq-zbmb-m7h4"},{"vulnerability":"VCID-96pq-m4f3-zbad"},{"vulnerability":"VCID-9h46-72hw-bkcr"},{"vulnerability":"VCID-9qdt-7p83-4yd8"},{"vulnerability":"VCID-9wej-f7zx-pfeq"},{"vulnerability":"VCID-avut-gmwd-jqfp"},{"vulnerability":"VCID-bydt-bkf4-rbh2"},{"vulnerability":"VCID-bypv-wfhs-sbe4"},{"vulnerability":"VCID-ceub-d4s9-dkcd"},{"vulnerability":"VCID-cytp-mr4h-g3ds"},{"vulnerability":"VCID-ec58-s3nd-7yaz"},{"vulnerability":"VCID-fafy-ugq3-cfbn"},{"vulnerability":"VCID-g6up-yqg8-nbep"},{"vulnerability":"VCID-g8gt-d7gz-13e6"},{"vulnerability":"VCID-gtzx-y5f1-vye3"},{"vulnerability":"VCID-hwnx-vf4v-f3db"},{"vulnerability":"VCID-jcgb-bewy-4kff"},{"vulnerability":"VCID-jx9y-fyfm-bqdr"},{"vulnerability":"VCID-m7jp-7n22-4qg8"},{"vulnerability":"VCID-svkb-adja-qfef"},{"vulnerability":"VCID-sw29-epz3-g7ep"},{"vulnerability":"VCID-swqd-uk56-wkat"},{"vulnerability":"VCID-tm7y-tnx3-43dq"},{"vulnerability":"VCID-u87p-2xgz-e3fj"},{"vulnerability":"VCID-uhnv-3cny-qkgx"},{"vulnerability":"VCID-ukwd-7rkh-sfhj"},{"vulnerability":"VCID-unwq-s63h-uuaw"},{"vulnerability":"VCID-v2pq-1qhm-4qb9"},{"vulnerability":"VCID-v6ek-y7cn-kycd"},{"vulnerability":"VCID-v84e-sf92-dqa1"},{"vulnerability":"VCID-wds4-urpb-euby"},{"vulnerability":"VCID-x6g1-qw1v-jbas"},{"vulnerability":"VCID-x8c2-2u1w-yyfn"},{"vulnerability":"VCID-xnyb-nuwm-pkdr"},{"vulnerability":"VCID-ygs8-4gxq-kygq"},{"vulnerability":"VCID-yp37-9z2d-akaj"},{"vulnerability":"VCID-ypbt-p34k-hfbc"},{"vulnerability":"VCID-zdwv-ycey-myfc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.0"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36179.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36179.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36179","reference_id":"","reference_type":"","scores":[{"value":"0.60256","scoring_system":"epss","scoring_elements":"0.98299","published_at":"2026-05-14T12:55:00Z"},{"value":"0.60256","scoring_system":"epss","scoring_elements":"0.98298","published_at":"2026-05-12T12:55:00Z"},{"value":"0.60256","scoring_system":"epss","scoring_elements":"0.98261","published_at":"2026-04-01T12:55:00Z"},{"value":"0.60256","scoring_system":"epss","scoring_elements":"0.98273","published_at":"2026-04-09T12:55:00Z"},{"value":"0.60256","scoring_system":"epss","scoring_elements":"0.98272","published_at":"2026-04-08T12:55:00Z"},{"value":"0.60256","scoring_system":"epss","scoring_elements":"0.98267","published_at":"2026-04-07T12:55:00Z"},{"value":"0.60256","scoring_system":"epss","scoring_elements":"0.98264","published_at":"2026-04-02T12:55:00Z"},{"value":"0.60256","scoring_system":"epss","scoring_elements":"0.98287","published_at":"2026-04-26T12:55:00Z"},{"value":"0.60256","scoring_system":"epss","scoring_elements":"0.98285","published_at":"2026-04-24T12:55:00Z"},{"value":"0.60256","scoring_system":"epss","scoring_elements":"0.98283","published_at":"2026-04-21T12:55:00Z"},{"value":"0.60256","scoring_system":"epss","scoring_elements":"0.98277","published_at":"2026-04-13T12:55:00Z"},{"value":"0.60256","scoring_system":"epss","scoring_elements":"0.98276","published_at":"2026-04-11T12:55:00Z"},{"value":"0.61883","scoring_system":"epss","scoring_elements":"0.98357","published_at":"2026-05-09T12:55:00Z"},{"value":"0.61883","scoring_system":"epss","scoring_elements":"0.98354","published_at":"2026-05-07T12:55:00Z"},{"value":"0.61883","scoring_system":"epss","scoring_elements":"0.9835","published_at":"2026-04-29T12:55:00Z"},{"value":"0.61883","scoring_system":"epss","scoring_elements":"0.98356","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36179"},{"reference_url":"https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:53Z/"}],"url":"https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36179","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36179"},{"reference_url":"https://github.com/FasterXML/jackson-databind","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FasterXML/jackson-databind"},{"reference_url":"https://github.com/FasterXML/jackson-databind/commit/3ded28aece694d0df39c9f0fa1ff385b14a8656b","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FasterXML/jackson-databind/commit/3ded28aece694d0df39c9f0fa1ff385b14a8656b"},{"reference_url":"https://github.com/FasterXML/jackson-databind/issues/3004","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:53Z/"}],"url":"https://github.com/FasterXML/jackson-databind/issues/3004"},{"reference_url":"https://lists.apache.org/thread.html/rc255f41d9a61d3dc79a51fb5c713de4ae10e71e3673feeb0b180b436@%3Cissues.spark.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rc255f41d9a61d3dc79a51fb5c713de4ae10e71e3673feeb0b180b436@%3Cissues.spark.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:53Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210205-0005","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20210205-0005"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210205-0005/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:53Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210205-0005/"},{"reference_url":"https://www.oracle.com/security-alerts/cpuApr2021.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:53Z/"}],"url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2022.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:53Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2022.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:53Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"reference_url":"https://www.oracle.com//security-alerts/cpujul2021.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:53Z/"}],"url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:53Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2021.html","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:53Z/"}],"url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1913871","reference_id":"1913871","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1913871"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-36179","reference_id":"CVE-2020-36179","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-36179"},{"reference_url":"https://github.com/advisories/GHSA-9gph-22xh-8x98","reference_id":"GHSA-9gph-22xh-8x98","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9gph-22xh-8x98"},{"reference_url":"https://lists.apache.org/thread.html/rc255f41d9a61d3dc79a51fb5c713de4ae10e71e3673feeb0b180b436%40%3Cissues.spark.apache.org%3E","reference_id":"rc255f41d9a61d3dc79a51fb5c713de4ae10e71e3673feeb0b180b436%40%3Cissues.spark.apache.org%3E","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:53Z/"}],"url":"https://lists.apache.org/thread.html/rc255f41d9a61d3dc79a51fb5c713de4ae10e71e3673feeb0b180b436%40%3Cissues.spark.apache.org%3E"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1230","reference_id":"RHSA-2021:1230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1515","reference_id":"RHSA-2021:1515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1515"}],"weaknesses":[{"cwe_id":502,"name":"Deserialization of Untrusted Data","description":"The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[],"severity_range_score":"7.0 - 8.9","exploitability":"0.5","weighted_severity":"8.0","risk_score":4.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uhnv-3cny-qkgx"}