|Max CVSS||7.5||Min CVSS||4.0||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
FasterXML jackson-databind before 220.127.116.11, 2.8.x before 18.104.22.168 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously c
|25-03-2021 - 01:15||26-02-2018 - 15:29|
It was found that URLResource.getLastModified() in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak.
|09-10-2019 - 23:38||11-09-2018 - 15:29|