Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/41842?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41842?format=api", "vulnerability_id": "VCID-fjz8-msfe-27hv", "summary": "Unsafe Deserialization in jackson-databind\nFasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to `oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS`.", "aliases": [ { "alias": "CVE-2020-36179" }, { "alias": "GHSA-9gph-22xh-8x98" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99883?format=api", "purl": "pkg:deb/debian/jackson-databind@2.12.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.12.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/511656?format=api", "purl": "pkg:deb/debian/jackson-databind@2.12.1-1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2841-dnfz-2qgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.12.1-1%252Bdeb11u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/99864?format=api", "purl": "pkg:deb/debian/jackson-databind@2.12.1-1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2841-dnfz-2qgm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.12.1-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99861?format=api", "purl": "pkg:deb/debian/jackson-databind@2.14.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.14.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99865?format=api", "purl": "pkg:deb/debian/jackson-databind@2.14.0%2Bds-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.14.0%252Bds-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076574?format=api", "purl": "pkg:deb/debian/jackson-databind@2.14.0%2Bds-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.14.0%252Bds-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/59746?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.6.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1uan-q6u8-affj" }, { "vulnerability": "VCID-5887-pcyq-nkht" }, { "vulnerability": "VCID-88hx-kauy-4fcy" }, { "vulnerability": "VCID-8ec9-5qt4-duat" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8htk-33f4-4ufg" }, { "vulnerability": "VCID-8kwc-sxvr-skgp" }, { "vulnerability": "VCID-auzw-j1fc-jff8" }, { "vulnerability": "VCID-cnns-pjex-4ybt" }, { "vulnerability": "VCID-ez2q-xgz1-rkab" }, { "vulnerability": "VCID-fkct-tzwg-mkh8" }, { "vulnerability": "VCID-kdkp-1ucy-w3g1" }, { "vulnerability": "VCID-m3y5-xa6w-83b6" }, { "vulnerability": "VCID-nz1v-4hgs-6yge" }, { "vulnerability": "VCID-qx3m-tcqj-ukc2" }, { "vulnerability": "VCID-r94a-3fq2-efdg" }, { "vulnerability": "VCID-skd6-gqh8-sbba" }, { "vulnerability": "VCID-tfky-edec-13gw" }, { "vulnerability": "VCID-uzry-ts4t-fbc8" }, { "vulnerability": "VCID-vnh3-bvyq-13d6" }, { "vulnerability": "VCID-vqke-p81x-sffn" }, { "vulnerability": "VCID-w1c4-c4xs-yba4" }, { "vulnerability": "VCID-w7nq-y9sx-nfcc" }, { "vulnerability": "VCID-xqz3-k7ts-juck" }, { "vulnerability": "VCID-zm3q-aquc-pqg7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.6.7.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/59594?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-r94a-3fq2-efdg" }, { "vulnerability": "VCID-w1c4-c4xs-yba4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/289889?format=api", "purl": "pkg:deb/debian/jackson-databind@2.4.2-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18u1-9nc1-2feh" }, { "vulnerability": "VCID-1uan-q6u8-affj" }, { "vulnerability": "VCID-1z31-s1cu-bbh4" }, { "vulnerability": "VCID-2uzw-pn14-p7a1" }, { "vulnerability": "VCID-314g-t8xy-5khg" }, { "vulnerability": "VCID-39mg-y1k8-xbf9" }, { "vulnerability": "VCID-4mtm-6bjh-7ka1" }, { "vulnerability": "VCID-4r6g-jwvd-1ke5" }, { "vulnerability": "VCID-4x8s-rj62-tqca" }, { "vulnerability": "VCID-5887-pcyq-nkht" }, { "vulnerability": "VCID-58n5-hqdf-xff2" }, { "vulnerability": "VCID-62jb-3d7y-y7ae" }, { "vulnerability": "VCID-7pd3-dre3-wug9" }, { "vulnerability": "VCID-7svn-u8ub-4faw" }, { "vulnerability": "VCID-7t7w-fq26-auc7" }, { "vulnerability": "VCID-88hx-kauy-4fcy" }, { "vulnerability": "VCID-89dx-2s8k-mufw" }, { "vulnerability": "VCID-8ec9-5qt4-duat" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8htk-33f4-4ufg" }, { "vulnerability": "VCID-8kwc-sxvr-skgp" }, { "vulnerability": "VCID-8mns-fyju-dqdr" }, { "vulnerability": "VCID-a7vm-mty5-9bhg" }, { "vulnerability": "VCID-auzw-j1fc-jff8" }, { "vulnerability": "VCID-c1uz-emh5-9fhe" }, { "vulnerability": "VCID-cnns-pjex-4ybt" }, { "vulnerability": "VCID-crra-28kn-mqab" }, { "vulnerability": "VCID-d6ez-jva8-hyag" }, { "vulnerability": "VCID-dd77-bpcr-zfam" }, { "vulnerability": "VCID-ez2q-xgz1-rkab" }, { "vulnerability": "VCID-fjz8-msfe-27hv" }, { "vulnerability": "VCID-fkct-tzwg-mkh8" }, { "vulnerability": "VCID-fqzk-v2gt-s7am" }, { "vulnerability": "VCID-gxpn-pz3c-gugf" }, { "vulnerability": "VCID-h324-unyb-sbac" }, { "vulnerability": "VCID-huxh-yrbr-s7bt" }, { "vulnerability": "VCID-jrfy-e6wv-1kbc" }, { "vulnerability": "VCID-kdkp-1ucy-w3g1" }, { "vulnerability": "VCID-m3y5-xa6w-83b6" }, { "vulnerability": "VCID-nz1v-4hgs-6yge" }, { "vulnerability": "VCID-p52x-ese3-qkha" }, { "vulnerability": "VCID-q6zd-khan-9yhj" }, { "vulnerability": "VCID-q7ye-13eq-vuhy" }, { "vulnerability": "VCID-qx3m-tcqj-ukc2" }, { "vulnerability": "VCID-r92s-4m4x-dqc7" }, { "vulnerability": "VCID-r94a-3fq2-efdg" }, { "vulnerability": "VCID-rfqz-nf3z-v3a3" }, { "vulnerability": "VCID-rg7k-kaxv-2ubx" }, { "vulnerability": "VCID-rsg7-5tup-4bd1" }, { "vulnerability": "VCID-s61k-e43h-13b5" }, { "vulnerability": "VCID-skd6-gqh8-sbba" }, { "vulnerability": "VCID-t4kd-zjrn-kueu" }, { "vulnerability": "VCID-t79w-jeyp-suaw" }, { "vulnerability": "VCID-tfky-edec-13gw" }, { "vulnerability": "VCID-u37s-5nn4-wqbx" }, { "vulnerability": "VCID-ujnp-2f3v-s3h3" }, { "vulnerability": "VCID-uzry-ts4t-fbc8" }, { "vulnerability": "VCID-vnh3-bvyq-13d6" }, { "vulnerability": "VCID-vqke-p81x-sffn" }, { "vulnerability": "VCID-w1c4-c4xs-yba4" }, { "vulnerability": "VCID-w5gg-jtut-qkcc" }, { "vulnerability": "VCID-wqg8-5kwe-vuem" }, { "vulnerability": "VCID-xqz3-k7ts-juck" }, { "vulnerability": "VCID-y3uj-myy6-kbha" }, { "vulnerability": "VCID-z9uf-p9w2-57fj" }, { "vulnerability": "VCID-zbfc-s76k-gfgv" }, { "vulnerability": "VCID-zm3q-aquc-pqg7" }, { "vulnerability": "VCID-zvn3-zvr5-buhg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.4.2-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/289891?format=api", "purl": "pkg:deb/debian/jackson-databind@2.4.2-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18u1-9nc1-2feh" }, { "vulnerability": "VCID-1uan-q6u8-affj" }, { "vulnerability": "VCID-1z31-s1cu-bbh4" }, { "vulnerability": "VCID-2uzw-pn14-p7a1" }, { "vulnerability": "VCID-314g-t8xy-5khg" }, { "vulnerability": "VCID-39mg-y1k8-xbf9" }, { "vulnerability": "VCID-4mtm-6bjh-7ka1" }, { "vulnerability": "VCID-4r6g-jwvd-1ke5" }, { "vulnerability": "VCID-4x8s-rj62-tqca" }, { "vulnerability": "VCID-5887-pcyq-nkht" }, { "vulnerability": "VCID-58n5-hqdf-xff2" }, { "vulnerability": "VCID-62jb-3d7y-y7ae" }, { "vulnerability": "VCID-7pd3-dre3-wug9" }, { "vulnerability": "VCID-7svn-u8ub-4faw" }, { "vulnerability": "VCID-7t7w-fq26-auc7" }, { "vulnerability": "VCID-88hx-kauy-4fcy" }, { "vulnerability": "VCID-89dx-2s8k-mufw" }, { "vulnerability": "VCID-8ec9-5qt4-duat" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8htk-33f4-4ufg" }, { "vulnerability": "VCID-8kwc-sxvr-skgp" }, { "vulnerability": "VCID-8mns-fyju-dqdr" }, { "vulnerability": "VCID-a7vm-mty5-9bhg" }, { "vulnerability": "VCID-auzw-j1fc-jff8" }, { "vulnerability": "VCID-c1uz-emh5-9fhe" }, { "vulnerability": "VCID-cnns-pjex-4ybt" }, { "vulnerability": "VCID-crra-28kn-mqab" }, { "vulnerability": "VCID-d6ez-jva8-hyag" }, { "vulnerability": "VCID-dd77-bpcr-zfam" }, { "vulnerability": "VCID-ez2q-xgz1-rkab" }, { "vulnerability": "VCID-fjz8-msfe-27hv" }, { "vulnerability": "VCID-fkct-tzwg-mkh8" }, { "vulnerability": "VCID-fqzk-v2gt-s7am" }, { "vulnerability": "VCID-gxpn-pz3c-gugf" }, { "vulnerability": "VCID-h324-unyb-sbac" }, { "vulnerability": "VCID-huxh-yrbr-s7bt" }, { "vulnerability": "VCID-jrfy-e6wv-1kbc" }, { "vulnerability": "VCID-kdkp-1ucy-w3g1" }, { "vulnerability": "VCID-m3y5-xa6w-83b6" }, { "vulnerability": "VCID-nz1v-4hgs-6yge" }, { "vulnerability": "VCID-p52x-ese3-qkha" }, { "vulnerability": "VCID-q6zd-khan-9yhj" }, { "vulnerability": "VCID-q7ye-13eq-vuhy" }, { "vulnerability": "VCID-qx3m-tcqj-ukc2" }, { "vulnerability": "VCID-r92s-4m4x-dqc7" }, { "vulnerability": "VCID-r94a-3fq2-efdg" }, { "vulnerability": "VCID-rfqz-nf3z-v3a3" }, { "vulnerability": "VCID-rg7k-kaxv-2ubx" }, { "vulnerability": "VCID-rsg7-5tup-4bd1" }, { "vulnerability": "VCID-s61k-e43h-13b5" }, { "vulnerability": "VCID-skd6-gqh8-sbba" }, { "vulnerability": "VCID-t4kd-zjrn-kueu" }, { "vulnerability": "VCID-t79w-jeyp-suaw" }, { "vulnerability": "VCID-tfky-edec-13gw" }, { "vulnerability": "VCID-u37s-5nn4-wqbx" }, { "vulnerability": "VCID-ujnp-2f3v-s3h3" }, { "vulnerability": "VCID-uzry-ts4t-fbc8" }, { "vulnerability": "VCID-vnh3-bvyq-13d6" }, { "vulnerability": "VCID-vqke-p81x-sffn" }, { "vulnerability": "VCID-w1c4-c4xs-yba4" }, { "vulnerability": "VCID-w5gg-jtut-qkcc" }, { "vulnerability": "VCID-wqg8-5kwe-vuem" }, { "vulnerability": "VCID-xqz3-k7ts-juck" }, { "vulnerability": "VCID-y3uj-myy6-kbha" }, { "vulnerability": "VCID-z9uf-p9w2-57fj" }, { "vulnerability": "VCID-zbfc-s76k-gfgv" }, { "vulnerability": "VCID-zm3q-aquc-pqg7" }, { "vulnerability": "VCID-zvn3-zvr5-buhg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.4.2-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/515564?format=api", "purl": "pkg:deb/debian/jackson-databind@2.8.6-1%2Bdeb9u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18u1-9nc1-2feh" }, { "vulnerability": "VCID-1uan-q6u8-affj" }, { "vulnerability": "VCID-1z31-s1cu-bbh4" }, { "vulnerability": "VCID-2uzw-pn14-p7a1" }, { "vulnerability": "VCID-314g-t8xy-5khg" }, { "vulnerability": "VCID-39mg-y1k8-xbf9" }, { "vulnerability": "VCID-4mtm-6bjh-7ka1" }, { "vulnerability": "VCID-4r6g-jwvd-1ke5" }, { "vulnerability": "VCID-4x8s-rj62-tqca" }, { "vulnerability": "VCID-5887-pcyq-nkht" }, { "vulnerability": "VCID-58n5-hqdf-xff2" }, { "vulnerability": "VCID-62jb-3d7y-y7ae" }, { "vulnerability": "VCID-7pd3-dre3-wug9" }, { "vulnerability": "VCID-7svn-u8ub-4faw" }, { "vulnerability": "VCID-7t7w-fq26-auc7" }, { "vulnerability": "VCID-88hx-kauy-4fcy" }, { "vulnerability": "VCID-89dx-2s8k-mufw" }, { "vulnerability": "VCID-8ec9-5qt4-duat" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8htk-33f4-4ufg" }, { "vulnerability": "VCID-8kwc-sxvr-skgp" }, { "vulnerability": "VCID-8mns-fyju-dqdr" }, { "vulnerability": "VCID-a7vm-mty5-9bhg" }, { "vulnerability": "VCID-auzw-j1fc-jff8" }, { "vulnerability": "VCID-c1uz-emh5-9fhe" }, { "vulnerability": "VCID-cnns-pjex-4ybt" }, { "vulnerability": "VCID-crra-28kn-mqab" }, { "vulnerability": "VCID-d6ez-jva8-hyag" }, { "vulnerability": "VCID-dd77-bpcr-zfam" }, { "vulnerability": "VCID-ez2q-xgz1-rkab" }, { "vulnerability": "VCID-fjz8-msfe-27hv" }, { "vulnerability": "VCID-fkct-tzwg-mkh8" }, { "vulnerability": "VCID-fqzk-v2gt-s7am" }, { "vulnerability": "VCID-gxpn-pz3c-gugf" }, { "vulnerability": "VCID-h324-unyb-sbac" }, { "vulnerability": "VCID-huxh-yrbr-s7bt" }, { "vulnerability": "VCID-jrfy-e6wv-1kbc" }, { "vulnerability": "VCID-kdkp-1ucy-w3g1" }, { "vulnerability": "VCID-m3y5-xa6w-83b6" }, { "vulnerability": "VCID-nz1v-4hgs-6yge" }, { "vulnerability": "VCID-p52x-ese3-qkha" }, { "vulnerability": "VCID-q6zd-khan-9yhj" }, { "vulnerability": "VCID-q7ye-13eq-vuhy" }, { "vulnerability": "VCID-qx3m-tcqj-ukc2" }, { "vulnerability": "VCID-r92s-4m4x-dqc7" }, { "vulnerability": "VCID-r94a-3fq2-efdg" }, { "vulnerability": "VCID-rfqz-nf3z-v3a3" }, { "vulnerability": "VCID-rg7k-kaxv-2ubx" }, { "vulnerability": "VCID-rsg7-5tup-4bd1" }, { "vulnerability": "VCID-s61k-e43h-13b5" }, { "vulnerability": "VCID-skd6-gqh8-sbba" }, { "vulnerability": "VCID-t4kd-zjrn-kueu" }, { "vulnerability": "VCID-t79w-jeyp-suaw" }, { "vulnerability": "VCID-tfky-edec-13gw" }, { "vulnerability": "VCID-u37s-5nn4-wqbx" }, { "vulnerability": "VCID-ujnp-2f3v-s3h3" }, { "vulnerability": "VCID-uzry-ts4t-fbc8" }, { "vulnerability": "VCID-vnh3-bvyq-13d6" }, { "vulnerability": "VCID-vqke-p81x-sffn" }, { "vulnerability": "VCID-w1c4-c4xs-yba4" }, { "vulnerability": "VCID-w5gg-jtut-qkcc" }, { "vulnerability": "VCID-wqg8-5kwe-vuem" }, { "vulnerability": "VCID-xqz3-k7ts-juck" }, { "vulnerability": "VCID-y3uj-myy6-kbha" }, { "vulnerability": "VCID-z9uf-p9w2-57fj" }, { "vulnerability": "VCID-zbfc-s76k-gfgv" }, { "vulnerability": "VCID-zm3q-aquc-pqg7" }, { "vulnerability": "VCID-zvn3-zvr5-buhg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.8.6-1%252Bdeb9u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/516117?format=api", "purl": "pkg:deb/debian/jackson-databind@2.9.8-3%2Bdeb10u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1uan-q6u8-affj" }, { "vulnerability": "VCID-1z31-s1cu-bbh4" }, { "vulnerability": "VCID-314g-t8xy-5khg" }, { "vulnerability": "VCID-4mtm-6bjh-7ka1" }, { "vulnerability": "VCID-4r6g-jwvd-1ke5" }, { "vulnerability": "VCID-4x8s-rj62-tqca" }, { "vulnerability": "VCID-5887-pcyq-nkht" }, { "vulnerability": "VCID-58n5-hqdf-xff2" }, { "vulnerability": "VCID-7svn-u8ub-4faw" }, { "vulnerability": "VCID-7t7w-fq26-auc7" }, { "vulnerability": "VCID-88hx-kauy-4fcy" }, { "vulnerability": "VCID-89dx-2s8k-mufw" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8htk-33f4-4ufg" }, { "vulnerability": "VCID-8kwc-sxvr-skgp" }, { "vulnerability": "VCID-auzw-j1fc-jff8" }, { "vulnerability": "VCID-c1uz-emh5-9fhe" }, { "vulnerability": "VCID-cnns-pjex-4ybt" }, { "vulnerability": "VCID-crra-28kn-mqab" }, { "vulnerability": "VCID-dd77-bpcr-zfam" }, { "vulnerability": "VCID-fjz8-msfe-27hv" }, { "vulnerability": "VCID-fkct-tzwg-mkh8" }, { "vulnerability": "VCID-fqzk-v2gt-s7am" }, { "vulnerability": "VCID-gxpn-pz3c-gugf" }, { "vulnerability": "VCID-h324-unyb-sbac" }, { "vulnerability": "VCID-huxh-yrbr-s7bt" }, { "vulnerability": "VCID-jrfy-e6wv-1kbc" }, { "vulnerability": "VCID-nz1v-4hgs-6yge" }, { "vulnerability": "VCID-q6zd-khan-9yhj" }, { "vulnerability": "VCID-q7ye-13eq-vuhy" }, { "vulnerability": "VCID-qx3m-tcqj-ukc2" }, { "vulnerability": "VCID-r92s-4m4x-dqc7" }, { "vulnerability": "VCID-r94a-3fq2-efdg" }, { "vulnerability": "VCID-rfqz-nf3z-v3a3" }, { "vulnerability": "VCID-rsg7-5tup-4bd1" }, { "vulnerability": "VCID-s61k-e43h-13b5" }, { "vulnerability": "VCID-skd6-gqh8-sbba" }, { "vulnerability": "VCID-t4kd-zjrn-kueu" }, { "vulnerability": "VCID-ujnp-2f3v-s3h3" }, { "vulnerability": "VCID-uzry-ts4t-fbc8" }, { "vulnerability": "VCID-vnh3-bvyq-13d6" }, { "vulnerability": "VCID-vqke-p81x-sffn" }, { "vulnerability": "VCID-w1c4-c4xs-yba4" }, { "vulnerability": "VCID-w5gg-jtut-qkcc" }, { "vulnerability": "VCID-xqz3-k7ts-juck" }, { "vulnerability": "VCID-y3uj-myy6-kbha" }, { "vulnerability": "VCID-z9uf-p9w2-57fj" }, { "vulnerability": "VCID-zbfc-s76k-gfgv" }, { "vulnerability": "VCID-zm3q-aquc-pqg7" }, { "vulnerability": "VCID-zvn3-zvr5-buhg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jackson-databind@2.9.8-3%252Bdeb10u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/58289?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1uan-q6u8-affj" }, { "vulnerability": "VCID-4mtm-6bjh-7ka1" }, { "vulnerability": "VCID-5887-pcyq-nkht" }, { "vulnerability": "VCID-58n5-hqdf-xff2" }, { "vulnerability": "VCID-62jb-3d7y-y7ae" }, { "vulnerability": "VCID-7pd3-dre3-wug9" }, { "vulnerability": "VCID-7svn-u8ub-4faw" }, { "vulnerability": "VCID-88hx-kauy-4fcy" }, { "vulnerability": "VCID-8ec9-5qt4-duat" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8htk-33f4-4ufg" }, { "vulnerability": "VCID-8kwc-sxvr-skgp" }, { "vulnerability": "VCID-auzw-j1fc-jff8" }, { "vulnerability": "VCID-cnns-pjex-4ybt" }, { "vulnerability": "VCID-d6ez-jva8-hyag" }, { "vulnerability": "VCID-ez2q-xgz1-rkab" }, { "vulnerability": "VCID-fjz8-msfe-27hv" }, { "vulnerability": "VCID-fkct-tzwg-mkh8" }, { "vulnerability": "VCID-fqzk-v2gt-s7am" }, { "vulnerability": "VCID-h324-unyb-sbac" }, { "vulnerability": "VCID-jrfy-e6wv-1kbc" }, { "vulnerability": "VCID-kdkp-1ucy-w3g1" }, { "vulnerability": "VCID-m3y5-xa6w-83b6" }, { "vulnerability": "VCID-nz1v-4hgs-6yge" }, { "vulnerability": "VCID-p52x-ese3-qkha" }, { "vulnerability": "VCID-qx3m-tcqj-ukc2" }, { "vulnerability": "VCID-r92s-4m4x-dqc7" }, { "vulnerability": "VCID-rfqz-nf3z-v3a3" }, { "vulnerability": "VCID-rg7k-kaxv-2ubx" }, { "vulnerability": "VCID-s61k-e43h-13b5" }, { "vulnerability": "VCID-skd6-gqh8-sbba" }, { "vulnerability": "VCID-t4kd-zjrn-kueu" }, { "vulnerability": "VCID-t79w-jeyp-suaw" }, { "vulnerability": "VCID-tfky-edec-13gw" }, { "vulnerability": "VCID-ujnp-2f3v-s3h3" }, { "vulnerability": "VCID-uzry-ts4t-fbc8" }, { "vulnerability": "VCID-vnh3-bvyq-13d6" }, { "vulnerability": "VCID-vqke-p81x-sffn" }, { "vulnerability": "VCID-w7nq-y9sx-nfcc" }, { "vulnerability": "VCID-wqg8-5kwe-vuem" }, { "vulnerability": "VCID-xqz3-k7ts-juck" }, { "vulnerability": "VCID-zm3q-aquc-pqg7" }, { "vulnerability": "VCID-zvn3-zvr5-buhg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/54992?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18u1-9nc1-2feh" }, { "vulnerability": "VCID-1uan-q6u8-affj" }, { "vulnerability": "VCID-2uzw-pn14-p7a1" }, { "vulnerability": "VCID-39mg-y1k8-xbf9" }, { "vulnerability": "VCID-4r6g-jwvd-1ke5" }, { "vulnerability": "VCID-4x8s-rj62-tqca" }, { "vulnerability": "VCID-5887-pcyq-nkht" }, { "vulnerability": "VCID-62jb-3d7y-y7ae" }, { "vulnerability": "VCID-7pd3-dre3-wug9" }, { "vulnerability": "VCID-7svn-u8ub-4faw" }, { "vulnerability": "VCID-7t7w-fq26-auc7" }, { "vulnerability": "VCID-88hx-kauy-4fcy" }, { "vulnerability": "VCID-8ec9-5qt4-duat" }, { "vulnerability": "VCID-8fr2-v728-cfcc" }, { "vulnerability": "VCID-8htk-33f4-4ufg" }, { "vulnerability": "VCID-8kwc-sxvr-skgp" }, { "vulnerability": "VCID-8mns-fyju-dqdr" }, { "vulnerability": "VCID-auzw-j1fc-jff8" }, { "vulnerability": "VCID-cnns-pjex-4ybt" }, { "vulnerability": "VCID-d6ez-jva8-hyag" }, { "vulnerability": "VCID-ez2q-xgz1-rkab" }, { "vulnerability": "VCID-fjz8-msfe-27hv" }, { "vulnerability": "VCID-fkct-tzwg-mkh8" }, { "vulnerability": "VCID-fqzk-v2gt-s7am" }, { "vulnerability": "VCID-h324-unyb-sbac" }, { "vulnerability": "VCID-j1pk-ygx5-5bfd" }, { "vulnerability": "VCID-jrfy-e6wv-1kbc" }, { "vulnerability": "VCID-kdkp-1ucy-w3g1" }, { "vulnerability": "VCID-m3y5-xa6w-83b6" }, { "vulnerability": "VCID-nz1v-4hgs-6yge" }, { "vulnerability": "VCID-p52x-ese3-qkha" }, { "vulnerability": "VCID-qx3m-tcqj-ukc2" }, { "vulnerability": "VCID-r92s-4m4x-dqc7" }, { "vulnerability": "VCID-r94a-3fq2-efdg" }, { "vulnerability": "VCID-rfqz-nf3z-v3a3" }, { "vulnerability": "VCID-rg7k-kaxv-2ubx" }, { "vulnerability": "VCID-s61k-e43h-13b5" }, { "vulnerability": "VCID-skd6-gqh8-sbba" }, { "vulnerability": "VCID-t4kd-zjrn-kueu" }, { "vulnerability": "VCID-t79w-jeyp-suaw" }, { "vulnerability": "VCID-tfky-edec-13gw" }, { "vulnerability": "VCID-u37s-5nn4-wqbx" }, { "vulnerability": "VCID-ujnp-2f3v-s3h3" }, { "vulnerability": "VCID-uzry-ts4t-fbc8" }, { "vulnerability": "VCID-vnh3-bvyq-13d6" }, { "vulnerability": "VCID-vqke-p81x-sffn" }, { "vulnerability": "VCID-w1c4-c4xs-yba4" }, { "vulnerability": "VCID-w7nq-y9sx-nfcc" }, { "vulnerability": "VCID-wqg8-5kwe-vuem" }, { "vulnerability": "VCID-xqz3-k7ts-juck" }, { "vulnerability": "VCID-zbfc-s76k-gfgv" }, { "vulnerability": "VCID-zm3q-aquc-pqg7" }, { "vulnerability": "VCID-zvn3-zvr5-buhg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.0" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36179.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36179.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36179", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.61883", "scoring_system": "epss", "scoring_elements": "0.98367", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.61883", "scoring_system": "epss", "scoring_elements": "0.98365", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.61883", "scoring_system": "epss", "scoring_elements": "0.98362", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36179" }, { "reference_url": "https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:53Z/" } ], "url": "https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36179", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36179" }, { "reference_url": "https://github.com/FasterXML/jackson-databind", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/3ded28aece694d0df39c9f0fa1ff385b14a8656b", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/3ded28aece694d0df39c9f0fa1ff385b14a8656b" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/issues/3004", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:53Z/" } ], "url": "https://github.com/FasterXML/jackson-databind/issues/3004" }, { "reference_url": "https://lists.apache.org/thread.html/rc255f41d9a61d3dc79a51fb5c713de4ae10e71e3673feeb0b180b436@%3Cissues.spark.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rc255f41d9a61d3dc79a51fb5c713de4ae10e71e3673feeb0b180b436@%3Cissues.spark.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:53Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210205-0005", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210205-0005" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuApr2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:53Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:53Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:53Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "reference_url": "https://www.oracle.com//security-alerts/cpujul2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:53Z/" } ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:53Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:53Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913871", "reference_id": "1913871", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913871" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36179", "reference_id": "CVE-2020-36179", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36179" }, { "reference_url": "https://github.com/advisories/GHSA-9gph-22xh-8x98", "reference_id": "GHSA-9gph-22xh-8x98", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9gph-22xh-8x98" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210205-0005/", "reference_id": "ntap-20210205-0005", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:53Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210205-0005/" }, { "reference_url": "https://lists.apache.org/thread.html/rc255f41d9a61d3dc79a51fb5c713de4ae10e71e3673feeb0b180b436%40%3Cissues.spark.apache.org%3E", "reference_id": "rc255f41d9a61d3dc79a51fb5c713de4ae10e71e3673feeb0b180b436%40%3Cissues.spark.apache.org%3E", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:53Z/" } ], "url": "https://lists.apache.org/thread.html/rc255f41d9a61d3dc79a51fb5c713de4ae10e71e3673feeb0b180b436%40%3Cissues.spark.apache.org%3E" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1230", "reference_id": "RHSA-2021:1230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1515", "reference_id": "RHSA-2021:1515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1515" } ], "weaknesses": [ { "cwe_id": 502, "name": "Deserialization of Untrusted Data", "description": "The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "7.0 - 8.9", "exploitability": "0.5", "weighted_severity": "8.0", "risk_score": 4.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fjz8-msfe-27hv" }