CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10969

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.015

EPSS Ranking 79.9%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

Products affected by CVE-2020-10969

Fasterxml » Jackson-Databind » Version: 2.7.0

cpe:2.3:a:fasterxml:jackson-databind:2.7.0
Fasterxml » Jackson-Databind » Version: 2.7.1

cpe:2.3:a:fasterxml:jackson-databind:2.7.1
Fasterxml » Jackson-Databind » Version: 2.7.1-1

cpe:2.3:a:fasterxml:jackson-databind:2.7.1-1
Fasterxml » Jackson-Databind » Version: 2.7.2

cpe:2.3:a:fasterxml:jackson-databind:2.7.2
Fasterxml » Jackson-Databind » Version: 2.7.3

cpe:2.3:a:fasterxml:jackson-databind:2.7.3
Fasterxml » Jackson-Databind » Version: 2.7.4

cpe:2.3:a:fasterxml:jackson-databind:2.7.4
Fasterxml » Jackson-Databind » Version: 2.7.5

cpe:2.3:a:fasterxml:jackson-databind:2.7.5
Fasterxml » Jackson-Databind » Version: 2.7.6

cpe:2.3:a:fasterxml:jackson-databind:2.7.6
Fasterxml » Jackson-Databind » Version: 2.7.7

cpe:2.3:a:fasterxml:jackson-databind:2.7.7
Fasterxml » Jackson-Databind » Version: 2.7.8

cpe:2.3:a:fasterxml:jackson-databind:2.7.8
Fasterxml » Jackson-Databind » Version: 2.7.9

cpe:2.3:a:fasterxml:jackson-databind:2.7.9
Fasterxml » Jackson-Databind » Version: 2.7.9.1

cpe:2.3:a:fasterxml:jackson-databind:2.7.9.1
Fasterxml » Jackson-Databind » Version: 2.7.9.2

cpe:2.3:a:fasterxml:jackson-databind:2.7.9.2
Fasterxml » Jackson-Databind » Version: 2.7.9.3

cpe:2.3:a:fasterxml:jackson-databind:2.7.9.3
Fasterxml » Jackson-Databind » Version: 2.7.9.4

cpe:2.3:a:fasterxml:jackson-databind:2.7.9.4
Fasterxml » Jackson-Databind » Version: 2.7.9.5

cpe:2.3:a:fasterxml:jackson-databind:2.7.9.5
Fasterxml » Jackson-Databind » Version: 2.7.9.6

cpe:2.3:a:fasterxml:jackson-databind:2.7.9.6
Fasterxml » Jackson-Databind » Version: 2.8.0

cpe:2.3:a:fasterxml:jackson-databind:2.8.0
Fasterxml » Jackson-Databind » Version: 2.8.1

cpe:2.3:a:fasterxml:jackson-databind:2.8.1
Fasterxml » Jackson-Databind » Version: 2.8.10

cpe:2.3:a:fasterxml:jackson-databind:2.8.10
Fasterxml » Jackson-Databind » Version: 2.8.11

cpe:2.3:a:fasterxml:jackson-databind:2.8.11
Fasterxml » Jackson-Databind » Version: 2.8.11.1

cpe:2.3:a:fasterxml:jackson-databind:2.8.11.1
Fasterxml » Jackson-Databind » Version: 2.8.11.2

cpe:2.3:a:fasterxml:jackson-databind:2.8.11.2
Fasterxml » Jackson-Databind » Version: 2.8.11.3

cpe:2.3:a:fasterxml:jackson-databind:2.8.11.3
Fasterxml » Jackson-Databind » Version: 2.8.11.4

cpe:2.3:a:fasterxml:jackson-databind:2.8.11.4
Fasterxml » Jackson-Databind » Version: 2.8.11.5

cpe:2.3:a:fasterxml:jackson-databind:2.8.11.5
Fasterxml » Jackson-Databind » Version: 2.8.2

cpe:2.3:a:fasterxml:jackson-databind:2.8.2
Fasterxml » Jackson-Databind » Version: 2.8.3

cpe:2.3:a:fasterxml:jackson-databind:2.8.3
Fasterxml » Jackson-Databind » Version: 2.8.4

cpe:2.3:a:fasterxml:jackson-databind:2.8.4
Fasterxml » Jackson-Databind » Version: 2.8.5

cpe:2.3:a:fasterxml:jackson-databind:2.8.5
Fasterxml » Jackson-Databind » Version: 2.8.6

cpe:2.3:a:fasterxml:jackson-databind:2.8.6
Fasterxml » Jackson-Databind » Version: 2.8.7

cpe:2.3:a:fasterxml:jackson-databind:2.8.7
Fasterxml » Jackson-Databind » Version: 2.8.8

cpe:2.3:a:fasterxml:jackson-databind:2.8.8
Fasterxml » Jackson-Databind » Version: 2.8.8.1

cpe:2.3:a:fasterxml:jackson-databind:2.8.8.1
Fasterxml » Jackson-Databind » Version: 2.8.9

cpe:2.3:a:fasterxml:jackson-databind:2.8.9
Fasterxml » Jackson-Databind » Version: 2.9.0

cpe:2.3:a:fasterxml:jackson-databind:2.9.0
Fasterxml » Jackson-Databind » Version: 2.9.1

cpe:2.3:a:fasterxml:jackson-databind:2.9.1
Fasterxml » Jackson-Databind » Version: 2.9.10

cpe:2.3:a:fasterxml:jackson-databind:2.9.10
Fasterxml » Jackson-Databind » Version: 2.9.10.1

cpe:2.3:a:fasterxml:jackson-databind:2.9.10.1
Fasterxml » Jackson-Databind » Version: 2.9.10.2

cpe:2.3:a:fasterxml:jackson-databind:2.9.10.2
Fasterxml » Jackson-Databind » Version: 2.9.10.3

cpe:2.3:a:fasterxml:jackson-databind:2.9.10.3
Fasterxml » Jackson-Databind » Version: 2.9.2

cpe:2.3:a:fasterxml:jackson-databind:2.9.2
Fasterxml » Jackson-Databind » Version: 2.9.3

cpe:2.3:a:fasterxml:jackson-databind:2.9.3
Fasterxml » Jackson-Databind » Version: 2.9.4

cpe:2.3:a:fasterxml:jackson-databind:2.9.4
Fasterxml » Jackson-Databind » Version: 2.9.5

cpe:2.3:a:fasterxml:jackson-databind:2.9.5
Fasterxml » Jackson-Databind » Version: 2.9.6

cpe:2.3:a:fasterxml:jackson-databind:2.9.6
Fasterxml » Jackson-Databind » Version: 2.9.7

cpe:2.3:a:fasterxml:jackson-databind:2.9.7
Fasterxml » Jackson-Databind » Version: 2.9.8

cpe:2.3:a:fasterxml:jackson-databind:2.9.8
Fasterxml » Jackson-Databind » Version: 2.9.9

cpe:2.3:a:fasterxml:jackson-databind:2.9.9
Fasterxml » Jackson-Databind » Version: 2.9.9.1

cpe:2.3:a:fasterxml:jackson-databind:2.9.9.1
Fasterxml » Jackson-Databind » Version: 2.9.9.2

cpe:2.3:a:fasterxml:jackson-databind:2.9.9.2
Fasterxml » Jackson-Databind » Version: 2.9.9.3

cpe:2.3:a:fasterxml:jackson-databind:2.9.9.3
Fasterxml » Jackson-Databind » Version: 2.9.9.4

cpe:2.3:a:fasterxml:jackson-databind:2.9.9.4
Netapp » Steelstore Cloud Integrated Storage » Version: N/A

cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-
Oracle » Agile Plm » Version: 9.3.6

cpe:2.3:a:oracle:agile_plm:9.3.6
Oracle » Autovue For Agile Product Lifecycle Management » Version: 21.0.2

cpe:2.3:a:oracle:autovue_for_agile_product_lifecycle_management:21.0.2
Oracle » Banking Digital Experience » Version: 18.1

cpe:2.3:a:oracle:banking_digital_experience:18.1
Oracle » Banking Digital Experience » Version: 18.2

cpe:2.3:a:oracle:banking_digital_experience:18.2
Oracle » Banking Digital Experience » Version: 18.3

cpe:2.3:a:oracle:banking_digital_experience:18.3
Oracle » Banking Digital Experience » Version: 19.1

cpe:2.3:a:oracle:banking_digital_experience:19.1
Oracle » Banking Digital Experience » Version: 19.2

cpe:2.3:a:oracle:banking_digital_experience:19.2
Oracle » Banking Digital Experience » Version: 20.1

cpe:2.3:a:oracle:banking_digital_experience:20.1
Oracle » Banking Platform » Version: 2.4.0

cpe:2.3:a:oracle:banking_platform:2.4.0
Oracle » Banking Platform » Version: 2.4.1

cpe:2.3:a:oracle:banking_platform:2.4.1
Oracle » Banking Platform » Version: 2.5.0

cpe:2.3:a:oracle:banking_platform:2.5.0
Oracle » Banking Platform » Version: 2.6.0

cpe:2.3:a:oracle:banking_platform:2.6.0
Oracle » Banking Platform » Version: 2.6.1

cpe:2.3:a:oracle:banking_platform:2.6.1
Oracle » Banking Platform » Version: 2.6.2

cpe:2.3:a:oracle:banking_platform:2.6.2
Oracle » Banking Platform » Version: 2.7.0

cpe:2.3:a:oracle:banking_platform:2.7.0
Oracle » Banking Platform » Version: 2.7.1

cpe:2.3:a:oracle:banking_platform:2.7.1
Oracle » Banking Platform » Version: 2.8.0

cpe:2.3:a:oracle:banking_platform:2.8.0
Oracle » Banking Platform » Version: 2.9.0

cpe:2.3:a:oracle:banking_platform:2.9.0
Oracle » Communications Calendar Server » Version: 8.0.0.4.0

cpe:2.3:a:oracle:communications_calendar_server:8.0.0.4.0
Oracle » Communications Contacts Server » Version: 8.0.0.4.0

cpe:2.3:a:oracle:communications_contacts_server:8.0.0.4.0
Oracle » Communications Contacts Server » Version: 8.0.0.5.0

cpe:2.3:a:oracle:communications_contacts_server:8.0.0.5.0
Oracle » Communications Diameter Signaling Router » Version: 8.0.0

cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0
Oracle » Communications Diameter Signaling Router » Version: 8.0.0.0

cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0.0
Oracle » Communications Diameter Signaling Router » Version: 8.1

cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1
Oracle » Communications Diameter Signaling Router » Version: 8.2

cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2
Oracle » Communications Diameter Signaling Router » Version: 8.2.1

cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1
Oracle » Communications Diameter Signaling Router » Version: 8.2.2

cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.2
Oracle » Communications Element Manager » Version: 8.2.0

cpe:2.3:a:oracle:communications_element_manager:8.2.0
Oracle » Communications Element Manager » Version: 8.2.0.0

cpe:2.3:a:oracle:communications_element_manager:8.2.0.0
Oracle » Communications Element Manager » Version: 8.2.1

cpe:2.3:a:oracle:communications_element_manager:8.2.1
Oracle » Communications Element Manager » Version: 8.2.2

cpe:2.3:a:oracle:communications_element_manager:8.2.2
Oracle » Communications Evolved Communications Application Server » Version: 7.1

cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1
Oracle » Communications Instant Messaging Server » Version: 10.0.1.4.0

cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.4.0
Oracle » Communications Network Charging And Control » Version: 12.0.0

cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.0
Oracle » Communications Network Charging And Control » Version: 12.0.1.0

cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.1.0
Oracle » Communications Network Charging And Control » Version: 12.0.2

cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.2
Oracle » Communications Network Charging And Control » Version: 12.0.3

cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.3
Oracle » Communications Network Charging And Control » Version: 6.0.1

cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1
Oracle » Communications Session Report Manager » Version: 8.2.0

cpe:2.3:a:oracle:communications_session_report_manager:8.2.0
Oracle » Communications Session Report Manager » Version: 8.2.1

cpe:2.3:a:oracle:communications_session_report_manager:8.2.1
Oracle » Communications Session Report Manager » Version: 8.2.2

cpe:2.3:a:oracle:communications_session_report_manager:8.2.2
Oracle » Communications Session Route Manager » Version: 8.2.0

cpe:2.3:a:oracle:communications_session_route_manager:8.2.0
Oracle » Communications Session Route Manager » Version: 8.2.0.0

cpe:2.3:a:oracle:communications_session_route_manager:8.2.0.0
Oracle » Communications Session Route Manager » Version: 8.2.1

cpe:2.3:a:oracle:communications_session_route_manager:8.2.1
Oracle » Communications Session Route Manager » Version: 8.2.2

cpe:2.3:a:oracle:communications_session_route_manager:8.2.2
Oracle » Enterprise Manager Base Platform » Version: 13.3.0.0

cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0
Oracle » Enterprise Manager Base Platform » Version: 13.4.0.0

cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0
Oracle » Financial Services Analytical Applications Infrastructure » Version: 8.0.6

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6
Oracle » Financial Services Analytical Applications Infrastructure » Version: 8.0.6.0.0

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6.0.0
Oracle » Financial Services Analytical Applications Infrastructure » Version: 8.0.6.0.1

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6.0.1
Oracle » Financial Services Analytical Applications Infrastructure » Version: 8.0.6.1.0

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6.1.0
Oracle » Financial Services Analytical Applications Infrastructure » Version: 8.0.6.2.0

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6.2.0
Oracle » Financial Services Analytical Applications Infrastructure » Version: 8.0.6.3.0

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6.3.0
Oracle » Financial Services Analytical Applications Infrastructure » Version: 8.0.6.4.0

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6.4.0
Oracle » Financial Services Analytical Applications Infrastructure » Version: 8.0.7

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7
Oracle » Financial Services Analytical Applications Infrastructure » Version: 8.0.7.0.0

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.0.0
Oracle » Financial Services Analytical Applications Infrastructure » Version: 8.0.7.1.0

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.1.0
Oracle » Financial Services Analytical Applications Infrastructure » Version: 8.0.7.2.0

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.2.0
Oracle » Financial Services Analytical Applications Infrastructure » Version: 8.0.8

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8
Oracle » Financial Services Analytical Applications Infrastructure » Version: 8.0.8.0.0

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.8.0.0
Oracle » Financial Services Analytical Applications Infrastructure » Version: 8.0.9

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.9
Oracle » Financial Services Analytical Applications Infrastructure » Version: 8.0.9.0.0

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.9.0.0
Oracle » Financial Services Analytical Applications Infrastructure » Version: 8.1.0

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.1.0
Oracle » Financial Services Institutional Performance Analytics » Version: 8.0.6

cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6
Oracle » Financial Services Institutional Performance Analytics » Version: 8.0.7

cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7
Oracle » Financial Services Institutional Performance Analytics » Version: 8.1.0

cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0
Oracle » Financial Services Price Creation And Discovery » Version: 8.0.6

cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6
Oracle » Financial Services Price Creation And Discovery » Version: 8.0.7

cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7
Oracle » Financial Services Retail Customer Analytics » Version: 8.0.6

cpe:2.3:a:oracle:financial_services_retail_customer_analytics:8.0.6
Oracle » Global Lifecycle Management Opatch » Version: 11.2.0.3.23

cpe:2.3:a:oracle:global_lifecycle_management_opatch:11.2.0.3.23
Oracle » Global Lifecycle Management Opatch » Version: 12.2.0.1.0

cpe:2.3:a:oracle:global_lifecycle_management_opatch:12.2.0.1.0
Oracle » Global Lifecycle Management Opatch » Version: 12.2.0.1.19

cpe:2.3:a:oracle:global_lifecycle_management_opatch:12.2.0.1.19
Oracle » Insurance Policy Administration J2ee » Version: 11.0.2.25

cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.0.2.25
Oracle » Insurance Policy Administration J2ee » Version: 11.1.0.15

cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.1.0.15
Oracle » Jd Edwards Enterpriseone Orchestrator » Version: N/A

cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:-
Oracle » Jd Edwards Enterpriseone Orchestrator » Version: 9.2

cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2
Oracle » Jd Edwards Enterpriseone Tools » Version: N/A

cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:-
Oracle » Jd Edwards Enterpriseone Tools » Version: 4.0.1.0

cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:4.0.1.0
Oracle » Jd Edwards Enterpriseone Tools » Version: 9.1

cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.1
Oracle » Jd Edwards Enterpriseone Tools » Version: 9.1.5

cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.1.5
Oracle » Jd Edwards Enterpriseone Tools » Version: 9.2

cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2
Oracle » Jd Edwards Enterpriseone Tools » Version: 9.2.0.0

cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.0.0
Oracle » Jd Edwards Enterpriseone Tools » Version: 9.2.4.0

cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.4.0
Oracle » Primavera Unifier » Version: 16.1

cpe:2.3:a:oracle:primavera_unifier:16.1
Oracle » Primavera Unifier » Version: 16.2

cpe:2.3:a:oracle:primavera_unifier:16.2
Oracle » Primavera Unifier » Version: 17.10

cpe:2.3:a:oracle:primavera_unifier:17.10
Oracle » Primavera Unifier » Version: 17.11

cpe:2.3:a:oracle:primavera_unifier:17.11
Oracle » Primavera Unifier » Version: 17.12

cpe:2.3:a:oracle:primavera_unifier:17.12
Oracle » Primavera Unifier » Version: 17.7

cpe:2.3:a:oracle:primavera_unifier:17.7
Oracle » Primavera Unifier » Version: 17.8

cpe:2.3:a:oracle:primavera_unifier:17.8
Oracle » Primavera Unifier » Version: 17.9

cpe:2.3:a:oracle:primavera_unifier:17.9
Oracle » Primavera Unifier » Version: 18.8

cpe:2.3:a:oracle:primavera_unifier:18.8
Oracle » Primavera Unifier » Version: 19.12

cpe:2.3:a:oracle:primavera_unifier:19.12
Oracle » Retail Merchandising System » Version: 15.0

cpe:2.3:a:oracle:retail_merchandising_system:15.0
Oracle » Retail Sales Audit » Version: 14.1

cpe:2.3:a:oracle:retail_sales_audit:14.1
Oracle » Retail Service Backbone » Version: 14.1

cpe:2.3:a:oracle:retail_service_backbone:14.1
Oracle » Retail Service Backbone » Version: 15.0

cpe:2.3:a:oracle:retail_service_backbone:15.0
Oracle » Retail Service Backbone » Version: 16.0

cpe:2.3:a:oracle:retail_service_backbone:16.0
Oracle » Retail Xstore Point Of Service » Version: 15.0

cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0
Oracle » Retail Xstore Point Of Service » Version: 16.0

cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0
Oracle » Retail Xstore Point Of Service » Version: 17.0

cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0
Oracle » Retail Xstore Point Of Service » Version: 18.0

cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0
Oracle » Retail Xstore Point Of Service » Version: 19.0

cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0
Oracle » Weblogic Server » Version: 12.2.1.3.0

cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0
Oracle » Weblogic Server » Version: 12.2.1.4.0

cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0
Debian » Debian Linux » Version: 8.0

cpe:2.3:o:debian:debian_linux:8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10969

Products

Pricing

Contact Us