Max CVSS | 7.5 | Min CVSS | 4.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-14379 | 7.5 |
SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.
|
13-09-2023 - 14:53 | 29-07-2019 - 12:15 | |
CVE-2019-12086 | 5.0 |
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java ja
|
13-09-2023 - 14:16 | 17-05-2019 - 17:29 | |
CVE-2019-12814 | 4.3 |
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has JDOM 1.x or 2.x jar in
|
13-09-2023 - 14:15 | 19-06-2019 - 14:15 | |
CVE-2019-10184 | 5.0 |
undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.
|
20-02-2022 - 06:11 | 25-07-2019 - 21:15 | |
CVE-2019-14820 | 4.0 |
It was found that keycloak before version 8.0.0 exposes internal adapter endpoints in org.keycloak.constants.AdapterConstants, which can be invoked via a specially-crafted URL. This vulnerability could allow an attacker to access unauthorized informa
|
29-10-2021 - 16:01 | 08-01-2020 - 15:15 | |
CVE-2019-12086 | 5.0 |
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java ja
|
01-10-2020 - 00:15 | 17-05-2019 - 17:29 | |
CVE-2019-10184 | 5.0 |
undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.
|
30-09-2020 - 18:09 | 25-07-2019 - 21:15 | |
CVE-2019-14832 | 6.0 |
A flaw was found in the Keycloak REST API before version 8.0.0 where it would permit user access from a realm the user was not configured. An authenticated attacker with knowledge of a user id could use this flaw to access unauthorized information or
|
11-12-2019 - 14:44 | 15-10-2019 - 19:15 |