Search for vulnerabilities
Vulnerability details: VCID-sc9x-9frn-aaae
Vulnerability ID VCID-sc9x-9frn-aaae
Aliases CVE-2020-10968
GHSA-rf6r-2c4q-2vwg
Summary jackson-databind mishandles the interaction between serialization gadgets and typing
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-502 Deserialization of Untrusted Data
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
rhas Important https://access.redhat.com/errata/RHSA-2020:1523
rhas Important https://access.redhat.com/errata/RHSA-2020:2067
rhas Important https://access.redhat.com/errata/RHSA-2020:2333
rhas Important https://access.redhat.com/errata/RHSA-2020:3192
rhas Important https://access.redhat.com/errata/RHSA-2020:3196
rhas Important https://access.redhat.com/errata/RHSA-2020:3197
rhas Important https://access.redhat.com/errata/RHSA-2020:3779
rhas Important https://access.redhat.com/errata/RHSA-2020:4366
rhas Moderate https://access.redhat.com/errata/RHSA-2020:5625
cvssv3 8.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10968.json
epss 0.00482 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.00482 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.00482 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.00482 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.00775 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.00775 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.00775 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.00775 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.00775 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.00775 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.00775 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.00775 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.00775 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.00775 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.00775 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.00775 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06632 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06703 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06703 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06802 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06802 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06802 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06802 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06802 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06802 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06802 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06802 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.06802 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
epss 0.15498 https://api.first.org/data/v1/epss?cve=CVE-2020-10968
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-rf6r-2c4q-2vwg
cvssv3.1 7.5 https://github.com/FasterXML/jackson-databind
generic_textual HIGH https://github.com/FasterXML/jackson-databind
cvssv3.1 8.8 https://github.com/FasterXML/jackson-databind/commit/05d7e0e13f43e12db6a51726df12c8b4d8040676
generic_textual HIGH https://github.com/FasterXML/jackson-databind/commit/05d7e0e13f43e12db6a51726df12c8b4d8040676
cvssv3.1 8.1 https://github.com/FasterXML/jackson-databind/commit/08fbfacf89a4a4c026a6227a1b470ab7a13e2e88
generic_textual HIGH https://github.com/FasterXML/jackson-databind/commit/08fbfacf89a4a4c026a6227a1b470ab7a13e2e88
cvssv3.1 8.8 https://github.com/FasterXML/jackson-databind/issues/2662
generic_textual HIGH https://github.com/FasterXML/jackson-databind/issues/2662
cvssv3.1 8.1 https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html
generic_textual HIGH https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html
cvssv3.1 8.8 https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
generic_textual HIGH https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
cvssv3.1 9.8 https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
generic_textual CRITICAL https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10968
cvssv3 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10968
cvssv3.1 8.8 https://nvd.nist.gov/vuln/detail/CVE-2020-10968
cvssv3.1 8.8 https://security.netapp.com/advisory/ntap-20200403-0002
generic_textual HIGH https://security.netapp.com/advisory/ntap-20200403-0002
cvssv3.1 9.8 https://www.oracle.com/security-alerts/cpujan2021.html
generic_textual CRITICAL https://www.oracle.com/security-alerts/cpujan2021.html
cvssv3.1 9.8 https://www.oracle.com/security-alerts/cpujul2020.html
generic_textual CRITICAL https://www.oracle.com/security-alerts/cpujul2020.html
cvssv3.1 9.8 https://www.oracle.com/security-alerts/cpuoct2020.html
generic_textual CRITICAL https://www.oracle.com/security-alerts/cpuoct2020.html
cvssv3.1 8.2 https://www.oracle.com/security-alerts/cpuoct2021.html
generic_textual HIGH https://www.oracle.com/security-alerts/cpuoct2021.html
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10968.json
https://api.first.org/data/v1/epss?cve=CVE-2020-10968
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10968
https://github.com/FasterXML/jackson-databind
https://github.com/FasterXML/jackson-databind/commit/05d7e0e13f43e12db6a51726df12c8b4d8040676
https://github.com/FasterXML/jackson-databind/commit/08fbfacf89a4a4c026a6227a1b470ab7a13e2e88
https://github.com/FasterXML/jackson-databind/issues/2662
https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html
https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
https://security.netapp.com/advisory/ntap-20200403-0002
https://security.netapp.com/advisory/ntap-20200403-0002/
https://www.oracle.com/security-alerts/cpujan2021.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/security-alerts/cpuoct2021.html
cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:autovue_for_agile_product_lifecycle_management:21.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:autovue_for_agile_product_lifecycle_management:21.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_calendar_server:8.0.0.4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_calendar_server:8.0.0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_contacts_server:8.0.0.4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_contacts_server:8.0.0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_contacts_server:8.0.0.5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_contacts_server:8.0.0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_retail_customer_analytics:8.0.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_retail_customer_analytics:8.0.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:global_lifecycle_management_opatch:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_opatch:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.0.2.25:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.0.2.25:*:*:*:*:*:*:*
cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.1.0.15:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.1.0.15:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_merchandising_system:15.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_sales_audit:14.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_sales_audit:14.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_service_backbone:14.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_service_backbone:14.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_service_backbone:15.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_service_backbone:15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_service_backbone:16.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_service_backbone:16.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
CVE-2020-10968 https://nvd.nist.gov/vuln/detail/CVE-2020-10968
GHSA-rf6r-2c4q-2vwg https://github.com/advisories/GHSA-rf6r-2c4q-2vwg
RHBA-2020:3255 https://bugzilla.redhat.com/show_bug.cgi?id=1819208
RHSA-2020:1523 https://access.redhat.com/errata/RHSA-2020:1523
RHSA-2020:2067 https://access.redhat.com/errata/RHSA-2020:2067
RHSA-2020:2333 https://access.redhat.com/errata/RHSA-2020:2333
RHSA-2020:3192 https://access.redhat.com/errata/RHSA-2020:3192
RHSA-2020:3196 https://access.redhat.com/errata/RHSA-2020:3196
RHSA-2020:3197 https://access.redhat.com/errata/RHSA-2020:3197
RHSA-2020:3779 https://access.redhat.com/errata/RHSA-2020:3779
RHSA-2020:4366 https://access.redhat.com/errata/RHSA-2020:4366
RHSA-2020:5625 https://access.redhat.com/errata/RHSA-2020:5625
USN-USN-4813-1 https://usn.ubuntu.com/USN-4813-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10968.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/FasterXML/jackson-databind
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/FasterXML/jackson-databind/commit/05d7e0e13f43e12db6a51726df12c8b4d8040676
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/FasterXML/jackson-databind/commit/08fbfacf89a4a4c026a6227a1b470ab7a13e2e88
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://github.com/FasterXML/jackson-databind/issues/2662
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2020-10968
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2020-10968
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2020-10968
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://security.netapp.com/advisory/ntap-20200403-0002
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://www.oracle.com/security-alerts/cpujan2021.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://www.oracle.com/security-alerts/cpujul2020.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://www.oracle.com/security-alerts/cpuoct2020.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N Found at https://www.oracle.com/security-alerts/cpuoct2021.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.75607
EPSS Score 0.00482
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.