| Max CVSS | 7.5 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-12086 | 5.0 |
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java ja
|
13-09-2023 - 14:16 | 17-05-2019 - 17:29 | |
| CVE-2020-10716 | 4.0 |
A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. This flaw allows a malicious Satellite user to scan through the Job Invocation, with the ability to search for passwords and
|
21-10-2022 - 17:58 | 27-05-2021 - 19:15 | |
| CVE-2019-10086 | 7.5 |
In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by defa
|
25-07-2022 - 18:15 | 20-08-2019 - 21:15 | |
| CVE-2019-12086 | 5.0 |
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java ja
|
01-10-2020 - 00:15 | 17-05-2019 - 17:29 | |
| CVE-2019-0231 | 5.0 |
Handling of the close_notify SSL/TLS message does not lead to a connection closure, leading the server to retain the socket opened and to have the client potentially receive clear text messages afterward. Mitigation: 2.0.20 users should migrate to 2.
|
08-10-2019 - 17:47 | 01-10-2019 - 20:15 | |
| CVE-2017-17718 | 4.3 |
The Net::LDAP (aka net-ldap) gem before 0.16.0 for Ruby has Missing SSL Certificate Validation.
|
05-01-2018 - 18:12 | 17-12-2017 - 21:29 |