Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Nosql_database
(Oracle)| Repositories | https://github.com/FasterXML/jackson-databind |
| #Vulnerabilities | 12 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-01-07 | CVE-2018-1320 | Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in production settings making the validation incomplete. | Thrift, Debian_linux, Traffix_signaling_delivery_controller, Global_lifecycle_management_opatch, Nosql_database | 7.5 | ||
| 2020-04-07 | CVE-2020-11612 | The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free memory to a single decoder. | Debian_linux, Fedora, Oncommand_api_services, Oncommand_insight, Oncommand_workflow_automation, Netty, Communications_brm_\-_elastic_charging_engine, Communications_cloud_native_core_service_communication_proxy, Communications_design_studio, Communications_messaging_server, Nosql_database, Siebel_core_\-_server_framework, Webcenter_portal | 7.5 |