ID

VAR-202009-1633


CVE

CVE-2020-24750


TITLE

FasterXML jackson-databind  Untrusted Data Deserialization Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-011430

DESCRIPTION

FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration. FasterXML jackson-databind There is a vulnerability in deserialization of untrusted data.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. FasterXML jackson-databind is a library based on JAVA that can convert data formats such as XML and JSON to JAVA objects. Jackson can easily convert Java objects into json objects and xml documents, as well as convert json and xml into Java objects. FasterXML jackson-databind 2.0 series prior to 2.9.10.6 has a security vulnerability, which originates from com.pastdev.httpcomponents.configuration.JndiConfiguration. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: rh-maven35-jackson-databind security update Advisory ID: RHSA-2020:4173-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2020:4173 Issue date: 2020-10-05 CVE Names: CVE-2020-24750 ==================================================================== 1. Summary: An update for rh-maven35-jackson-databind is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch 3. Description: The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API. Security Fix(es): * jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration (CVE-2020-24750) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1882310 - CVE-2020-24750 jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-maven35-jackson-databind-2.7.6-2.11.el7.src.rpm noarch: rh-maven35-jackson-databind-2.7.6-2.11.el7.noarch.rpm rh-maven35-jackson-databind-javadoc-2.7.6-2.11.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-maven35-jackson-databind-2.7.6-2.11.el7.src.rpm noarch: rh-maven35-jackson-databind-2.7.6-2.11.el7.noarch.rpm rh-maven35-jackson-databind-javadoc-2.7.6-2.11.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6): Source: rh-maven35-jackson-databind-2.7.6-2.11.el7.src.rpm noarch: rh-maven35-jackson-databind-2.7.6-2.11.el7.noarch.rpm rh-maven35-jackson-databind-javadoc-2.7.6-2.11.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7): Source: rh-maven35-jackson-databind-2.7.6-2.11.el7.src.rpm noarch: rh-maven35-jackson-databind-2.7.6-2.11.el7.noarch.rpm rh-maven35-jackson-databind-javadoc-2.7.6-2.11.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-maven35-jackson-databind-2.7.6-2.11.el7.src.rpm noarch: rh-maven35-jackson-databind-2.7.6-2.11.el7.noarch.rpm rh-maven35-jackson-databind-javadoc-2.7.6-2.11.el7.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-24750 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX3s4DtzjgjWX9erEAQhtzQ/+KJm3W2dfbUqCVcdtymA4f4UfDt0LFXTP T5AuDJQk5evqIQWpnV/bgbpnIhkGLFVW6AWAQK0pnT5Zl4HK33+sNOTRHKpey0PR j3C43AuFL68XeWVKX8iJdAo42s/a3K4QjEgofXiXfDipPxg356zb8lm4RiXlx9db LMgXAL0uKDzv+4HYcEmOY7A+8rDB4GwLLDmj2J6ZyahNLOECJbO7CdPVEUeT/cFN 32vYBoxmLw1CahI5RcpiebibLA2SRss84iG+/NceptBTfqQzcHVipBHzryOUNsVz PHCcgDAi0KiNR8ugj142CBcVmW6nu3WCipqxjQ86cRx3r2yu5B3yTlAMxjaBxHIC usxO7BPuiK+6Cizw0Qd/DaI0e2YkEvGJ6OwDxEB27j3id9IB9Q1n6qucZH8vahAi gJv/W+Ij1Ff1OaNVZIfXLFAnloVZAy6jBXvwzZNJWOkbHPRjbcz8JJWOt5v4AbsR DKKLs+EoxE+3GPJdTL1EAgA+rrEmbtXVHyuqamf89H5LD2yGjJF8IJkk1ei9b3FJ /hj8UXrfKYnfSM0Q/UnqQbTWXYjqhjJpkrTXTIFR2zZxnaYNOaH/lmMfBpvBEYBW K0I0Y47LoZnt2P+kaJnHWu+uuuETIkrThNZK+JH1qFzhjYfc2AGcB9r2SMAWEARI LOeqeMsgpVs=jbsa -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Bugs fixed (https://bugzilla.redhat.com/): 1666415 - CVE-2018-14718 jackson-databind: arbitrary code execution in slf4j-ext class 1666418 - CVE-2018-14719 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes 1666423 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK classes 1666428 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class 1666482 - CVE-2018-19360 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class 1666484 - CVE-2018-19361 jackson-databind: improper polymorphic deserialization in openjpa class 1666489 - CVE-2018-19362 jackson-databind: improper polymorphic deserialization in jboss-common-core class 1737517 - CVE-2019-14379 jackson-databind: default typing mishandling leading to remote code execution 1859004 - Sometimes the eventrouter couldn't gather event logs. Bug Fix(es): * Gather image registry config (backport to 4.3) (BZ#1836815) * Builds fail after running postCommit script if OCP cluster is configured with a container registry whitelist (BZ#1849176) * Login with OpenShift not working after cluster upgrade (BZ#1852429) * Limit the size of gathered federated metrics from alerts in Insights Operator (BZ#1874018) * [4.3] Storage operator stops reconciling when going Upgradeable=False on v1alpha1 CRDs (BZ#1879110) * [release 4.3] OpenShift APIs become unavailable for more than 15 minutes after one of master nodes went down(OAuth) (BZ#1880293) You may download the oc tool and use it to inspect release image metadata as follows: (For x86_64 architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.3.40-x86_64 The image digest is sha256:9ff90174a170379e90a9ead6e0d8cf6f439004191f80762764a5ca3dbaab01dc (For s390x architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.3.40-s390x The image digest is sha256:605ddde0442e604cfe2d6bd1541ce48df5956fe626edf9cc95b1fca75d231b64 (For ppc64le architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.3.40-ppc64le The image digest is sha256:d3c9e391c145338eae3feb7f6a4e487dadc8139a353117d642fe686d277bcccc 3. Bugs fixed (https://bugzilla.redhat.com/): 1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic 1836815 - Gather image registry config (backport to 4.3) 1849176 - Builds fail after running postCommit script if OCP cluster is configured with a container registry whitelist 1874018 - Limit the size of gathered federated metrics from alerts in Insights Operator 1874399 - [DR] etcd-member-recover.sh fails to pull image with unauthorized 1879110 - [4.3] Storage operator stops reconciling when going Upgradeable=False on v1alpha1 CRDs 5. JIRA issues fixed (https://issues.jboss.org/): LOG-1224 - Release 5.0 - ClusterLogForwarder namespace-specific log forwarding does not work as expected LOG-1232 - 5.0 - Bug 1859004 - Sometimes the eventrouter couldn't gather event logs. LOG-1234 - CVE-2020-15586 CVE-2020-16845 openshift-eventrouter: various flaws [openshift-4] LOG-1299 - Release 5.0 Forwarding logs to Kafka using Chained certificates fails with error "state=error: certificate verify failed (unable to get local issuer certificate)" 5. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. See the following advisory for the container images for this release: https://access.redhat.com/errata/RHEA-2020:5633 All OpenShift Container Platform users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -between-minor.html#understanding-upgrade-channels_updating-cluster-between - -minor. Solution: For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel ease-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster - -cli.html. Bugs fixed (https://bugzilla.redhat.com/): 1823765 - nfd-workers crash under an ipv6 environment 1838802 - mysql8 connector from operatorhub does not work with metering operator 1838845 - Metering operator can't connect to postgres DB from Operator Hub 1841883 - namespace-persistentvolumeclaim-usage query returns unexpected values 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 1868294 - NFD operator does not allow customisation of nfd-worker.conf 1882310 - CVE-2020-24750 jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration 1890672 - NFD is missing a build flag to build correctly 1890741 - path to the CA trust bundle ConfigMap is broken in report operator 1897346 - NFD worker pods not scheduler on a 3 node master/worker cluster 1898373 - Metering operator failing upgrade from 4.4 to 4.6 channel 1900125 - FIPS error while generating RSA private key for CA 1906129 - OCP 4.7: Node Feature Discovery (NFD) Operator in CrashLoopBackOff when deployed from OperatorHub 1908492 - OCP 4.7: Node Feature Discovery (NFD) Operator Custom Resource Definition file in olm-catalog is not in sync with the one in manifests dir leading to failed deployment from OperatorHub 1913837 - The CI and ART 4.7 metering images are not mirrored 1914869 - OCP 4.7 NFD - Operand configuration options for NodeFeatureDiscovery are empty, no supported image for ppc64le 1916010 - olm skip range is set to the wrong range 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 1923998 - NFD Operator is failing to update and remains in Replacing state 5

Trust: 2.79

sources: NVD: CVE-2020-24750 // JVNDB: JVNDB-2020-011430 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-178660 // VULMON: CVE-2020-24750 // PACKETSTORM: 159466 // PACKETSTORM: 162350 // PACKETSTORM: 159661 // PACKETSTORM: 162493 // PACKETSTORM: 161536

AFFECTED PRODUCTS

vendor:日立model:ucosminexus application serverscope: - version: -

Trust: 1.6

vendor:日立model:ucosminexus service platformscope: - version: -

Trust: 1.6

vendor:oraclemodel:banking liquidity managementscope:eqversion:14.3

Trust: 1.0

vendor:oraclemodel:communications element managerscope:gteversion:8.2.0

Trust: 1.0

vendor:oraclemodel:communications instant messaging serverscope:eqversion:10.0.1.5.0

Trust: 1.0

vendor:oraclemodel:banking credit facilities process managementscope:eqversion:14.5.0

Trust: 1.0

vendor:oraclemodel:banking corporate lending process managementscope:eqversion:14.3.0

Trust: 1.0

vendor:oraclemodel:banking liquidity managementscope:eqversion:14.2

Trust: 1.0

vendor:oraclemodel:communications calendar serverscope:eqversion:8.0

Trust: 1.0

vendor:oraclemodel:communications offline mediation controllerscope:eqversion:12.0.0.3.0

Trust: 1.0

vendor:oraclemodel:communications services gatekeeperscope:eqversion:7.0

Trust: 1.0

vendor:oraclemodel:communications unified inventory managementscope:eqversion:7.4.1

Trust: 1.0

vendor:oraclemodel:agile plmscope:eqversion:9.3.6

Trust: 1.0

vendor:oraclemodel:banking credit facilities process managementscope:eqversion:14.2.0

Trust: 1.0

vendor:oraclemodel:banking supply chain financescope:eqversion:14.5.0

Trust: 1.0

vendor:oraclemodel:banking supply chain financescope:eqversion:14.2.0

Trust: 1.0

vendor:fasterxmlmodel:jackson-databindscope:ltversion:2.9.10.6

Trust: 1.0

vendor:fasterxmlmodel:jackson-databindscope:gteversion:2.0.0

Trust: 1.0

vendor:oraclemodel:identity manager connectorscope:eqversion:11.1.1.5.0

Trust: 1.0

vendor:oraclemodel:communications session route managerscope:lteversion:8.2.2.1

Trust: 1.0

vendor:oraclemodel:autovue for agile product lifecycle managementscope:eqversion:21.0.2

Trust: 1.0

vendor:oraclemodel:communications calendar serverscope:eqversion:8.0.0.4.0

Trust: 1.0

vendor:oraclemodel:communications element managerscope:lteversion:8.2.4.0

Trust: 1.0

vendor:oraclemodel:banking liquidity managementscope:eqversion:14.5

Trust: 1.0

vendor:fasterxmlmodel:jackson-databindscope:ltversion:2.6.7.5

Trust: 1.0

vendor:oraclemodel:blockchain platformscope:ltversion:21.1.2

Trust: 1.0

vendor:oraclemodel:communications diameter signaling routerscope:gteversion:8.0.0

Trust: 1.0

vendor:oraclemodel:banking corporate lending process managementscope:eqversion:14.5.0

Trust: 1.0

vendor:oraclemodel:banking corporate lending process managementscope:eqversion:14.2.0

Trust: 1.0

vendor:oraclemodel:communications contacts serverscope:eqversion:8.0.0.5.0

Trust: 1.0

vendor:oraclemodel:communications policy managementscope:eqversion:12.5.0

Trust: 1.0

vendor:oraclemodel:communications messaging serverscope:eqversion:8.1

Trust: 1.0

vendor:fasterxmlmodel:jackson-databindscope:gteversion:2.7.0

Trust: 1.0

vendor:oraclemodel:siebel core - server frameworkscope:lteversion:21.5

Trust: 1.0

vendor:oraclemodel:communications diameter signaling routerscope:lteversion:8.2.2

Trust: 1.0

vendor:oraclemodel:communications session report managerscope:lteversion:8.2.2.1

Trust: 1.0

vendor:oraclemodel:siebel ui frameworkscope:lteversion:21.2

Trust: 1.0

vendor:oraclemodel:communications session report managerscope:gteversion:8.0.0.0

Trust: 1.0

vendor:oraclemodel:communications pricing design centerscope:eqversion:12.0.0.4.0

Trust: 1.0

vendor:oraclemodel:banking credit facilities process managementscope:eqversion:14.3.0

Trust: 1.0

vendor:oraclemodel:communications contacts serverscope:eqversion:8.0

Trust: 1.0

vendor:oraclemodel:banking supply chain financescope:eqversion:14.3.0

Trust: 1.0

vendor:oraclemodel:communications session route managerscope:gteversion:8.2.0

Trust: 1.0

vendor:oraclemodel:application testing suitescope:eqversion:13.3.0.1

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:fasterxmlmodel:jackson-databindscope: - version: -

Trust: 0.8

vendor:日立model:ucosminexus application server-rscope: - version: -

Trust: 0.8

vendor:日立model:ucosminexus developerscope: - version: -

Trust: 0.8

vendor:日立model:ucosminexus service architectscope: - version: -

Trust: 0.8

vendor:オラクルmodel:agile product lifecycle managementscope: - version: -

Trust: 0.8

vendor:オラクルmodel:oracle communications calendar serverscope: - version: -

Trust: 0.8

vendor:オラクルmodel:oracle communications contacts serverscope: - version: -

Trust: 0.8

vendor:オラクルmodel:oracle communications diameter signaling routerscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-011430 // NVD: CVE-2020-24750

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-24750
value: HIGH

Trust: 1.0

NVD: CVE-2020-24750
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202009-1066
value: HIGH

Trust: 0.6

VULHUB: VHN-178660
value: MEDIUM

Trust: 0.1

VULMON: CVE-2020-24750
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-24750
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-178660
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-24750
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2020-24750
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-178660 // VULMON: CVE-2020-24750 // JVNDB: JVNDB-2020-011430 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202009-1066 // NVD: CVE-2020-24750

PROBLEMTYPE DATA

problemtype:CWE-502

Trust: 1.1

problemtype:Deserialization of untrusted data (CWE-502) [NVD Evaluation ]

Trust: 0.8

sources: VULHUB: VHN-178660 // JVNDB: JVNDB-2020-011430 // NVD: CVE-2020-24750

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202009-1066

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:hitachi-sec-2021-109url:https://github.com/FasterXML/jackson-databind/commit/ad5a630174f08d279504bc51ebba8772fd71b86b

Trust: 0.8

title:FasterXML jackson-databind Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=129712

Trust: 0.6

title:Red Hat: Important: rh-maven35-jackson-databind security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20204173 - Security Advisory

Trust: 0.1

title:Red Hat: Low: OpenShift Container Platform 4.3.40 security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20204264 - Security Advisory

Trust: 0.1

title:Hitachi Security Advisories: Multiple Vulnerabilities in Cosminexusurl:https://vulmon.com/vendoradvisory?qidtp=hitachi_security_advisories&qid=hitachi-sec-2021-109

Trust: 0.1

title:CVE-2020-24750url:https://github.com/Al1ex/CVE-2020-24750

Trust: 0.1

title: - url:https://github.com/pctF/vulnerable-app

Trust: 0.1

sources: VULMON: CVE-2020-24750 // JVNDB: JVNDB-2020-011430 // CNNVD: CNNVD-202009-1066

EXTERNAL IDS

db:NVDid:CVE-2020-24750

Trust: 3.1

db:PACKETSTORMid:162493

Trust: 0.8

db:PACKETSTORMid:159466

Trust: 0.8

db:PACKETSTORMid:162350

Trust: 0.8

db:JVNDBid:JVNDB-2020-011430

Trust: 0.8

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:AUSCERTid:ESB-2020.3631

Trust: 0.6

db:AUSCERTid:ESB-2021.0691

Trust: 0.6

db:AUSCERTid:ESB-2020.3449

Trust: 0.6

db:AUSCERTid:ESB-2021.1397

Trust: 0.6

db:AUSCERTid:ESB-2021.1437

Trust: 0.6

db:AUSCERTid:ESB-2022.0616

Trust: 0.6

db:AUSCERTid:ESB-2021.1573

Trust: 0.6

db:CS-HELPid:SB2022060909

Trust: 0.6

db:CS-HELPid:SB2021072820

Trust: 0.6

db:CS-HELPid:SB2021042534

Trust: 0.6

db:CS-HELPid:SB2021050708

Trust: 0.6

db:CS-HELPid:SB2022041931

Trust: 0.6

db:CS-HELPid:SB2022012315

Trust: 0.6

db:CS-HELPid:SB2021072725

Trust: 0.6

db:CS-HELPid:SB2021042826

Trust: 0.6

db:CS-HELPid:SB2021042318

Trust: 0.6

db:CS-HELPid:SB2022021426

Trust: 0.6

db:CNNVDid:CNNVD-202009-1066

Trust: 0.6

db:VULHUBid:VHN-178660

Trust: 0.1

db:VULMONid:CVE-2020-24750

Trust: 0.1

db:PACKETSTORMid:159661

Trust: 0.1

db:PACKETSTORMid:161536

Trust: 0.1

sources: VULHUB: VHN-178660 // VULMON: CVE-2020-24750 // JVNDB: JVNDB-2020-011430 // PACKETSTORM: 159466 // PACKETSTORM: 162350 // PACKETSTORM: 159661 // PACKETSTORM: 162493 // PACKETSTORM: 161536 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202009-1066 // NVD: CVE-2020-24750

REFERENCES

url:https://www.oracle.com/security-alerts/cpuapr2021.html

Trust: 2.3

url:https://www.oracle.com/security-alerts/cpujan2021.html

Trust: 2.3

url:https://www.oracle.com/security-alerts/cpuoct2021.html

Trust: 2.3

url:https://github.com/fasterxml/jackson-databind/commit/ad5a630174f08d279504bc51ebba8772fd71b86b

Trust: 1.7

url:https://security.netapp.com/advisory/ntap-20201009-0003/

Trust: 1.7

url:https://github.com/fasterxml/jackson-databind/issues/2798

Trust: 1.7

url:https://www.oracle.com//security-alerts/cpujul2021.html

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpuapr2022.html

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpujan2022.html

Trust: 1.7

url:https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2020-24750

Trust: 1.7

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-identified-in-jackson-databind-shipped-with-ibm-cloud-pak-system-cve-2020-24750/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022060909

Trust: 0.6

url:https://packetstormsecurity.com/files/159466/red-hat-security-advisory-2020-4173-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021072820

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022021426

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022041931

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021042826

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-cognos-business-intelligence-has-addressed-multiple-vulnerabilities-q12021/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022012315

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021042318

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-watson-discovery-for-ibm-cloud-pak-for-data-affected-by-vulnerability-in-fasterxml-jackson-databind-8/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021042534

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1397

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1573

Trust: 0.6

url:https://www.ibm.com/support/pages/node/6525182

Trust: 0.6

url:https://www.oracle.com/security-alerts/cpujul2021.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.0616

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021050708

Trust: 0.6

url:https://packetstormsecurity.com/files/162493/red-hat-security-advisory-2021-1515-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3449/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1437

Trust: 0.6

url:https://www.ibm.com/support/pages/node/6528214

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0691

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-jquery-spring-dom4j-mongodb-linux-kernel-targetcli-fb-jackson-node-js-and-apache-commons-affect-ibm-spectrum-protect-plus/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021072725

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3631/

Trust: 0.6

url:https://packetstormsecurity.com/files/162350/red-hat-security-advisory-2021-1230-01.html

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-24750

Trust: 0.5

url:https://access.redhat.com/security/team/contact/

Trust: 0.5

url:https://bugzilla.redhat.com/):

Trust: 0.4

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.3

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.3

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36189

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-19360

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36188

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-14379

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-14720

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-14718

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-20190

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-14718

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36179

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-19361

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36185

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-35490

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-14719

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-14719

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36180

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-14720

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-35491

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-35490

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-35728

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36180

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36181

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-35491

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36182

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36183

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36186

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-19360

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36187

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-19362

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36183

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-19362

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36188

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-14721

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36179

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36182

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36185

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-14721

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36186

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36187

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36189

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36184

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36181

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36184

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-20190

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-19361

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-35728

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-14379

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-20388

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-7595

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-19956

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-16935

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-19956

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-17546

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-15903

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-16935

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-8492

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-20843

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-20843

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-17546

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-20388

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-15903

Trust: 0.2

url:https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel

Trust: 0.2

url:https://access.redhat.com/errata/rhsa-2020:4173

Trust: 0.1

url:https://access.redhat.com/security/team/key/

Trust: 0.1

url:https://access.redhat.com/articles/11258

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3449

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3449

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.6/updating/updating-cluster

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:1230

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel

Trust: 0.1

url:https://access.redhat.com/errata/rhba-2021:1232

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:4264

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17006

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-12749

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-2974

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-19126

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14866

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-17023

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17023

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-6829

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-12652

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12403

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11756

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-11756

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12243

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11068

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-18197

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-5482

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-14973

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-17498

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-18197

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-12749

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#low

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-17006

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-2226

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-2780

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-5094

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-12450

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-2974

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-2752

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20386

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-rel

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-2574

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14352

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-14822

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14822

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12400

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-11727

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11719

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-2225

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-5482

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12825

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-18190

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14973

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12402

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8696

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-2181

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-5188

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2017-12652

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12401

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-12450

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-2182

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-11719

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.3/updating/updating-cluster

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8675

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-14866

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20386

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2017-18190

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-2224

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-5094

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11727

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-5188

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9283

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19126

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-11068

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17498

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-2812

Trust: 0.1

url:https://issues.jboss.org/):

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-2163

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-15586

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-u

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-16845

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-16845

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-15586

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:1515

Trust: 0.1

url:https://access.redhat.com/errata/rhea-2020:5633

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20907

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8624

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.7/updating/updating-cluster

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-13050

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17450

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9925

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9802

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20218

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9895

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8625

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-13225

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-15165

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14382

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8812

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3899

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8819

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3867

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-1971

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20454

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8720

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9893

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-19221

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8808

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3902

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8623

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20907

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-1751

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3900

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8566

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8743

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25211

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9805

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19906

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8820

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9807

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8769

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8710

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8813

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9850

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8710

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8811

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:5635

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-5018

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-16168

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9803

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9862

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24659

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9327

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3885

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-17450

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-15503

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20807

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20916

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-5018

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10018

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14422

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14889

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-15157

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8835

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25658

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8764

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8844

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3865

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-1730

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3864

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-19906

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20387

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20387

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-13627

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14391

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-15999

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3862

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3901

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20916

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-3884

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-3884

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8823

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-1752

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8622

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-13225

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19221

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3895

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-15165

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-11793

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20454

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8720

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9894

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8816

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9843

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-13627

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-6405

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8771

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-13050

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3897

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9806

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8814

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-14889

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8743

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3121

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9915

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-16168

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8815

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-13632

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20218

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8625

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10029

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8783

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20807

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-13630

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14040

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8619

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-13631

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8766

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3868

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8846

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3894

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-8782

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-3898

Trust: 0.1

sources: VULHUB: VHN-178660 // JVNDB: JVNDB-2020-011430 // PACKETSTORM: 159466 // PACKETSTORM: 162350 // PACKETSTORM: 159661 // PACKETSTORM: 162493 // PACKETSTORM: 161536 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202009-1066 // NVD: CVE-2020-24750

CREDITS

Red Hat

Trust: 1.1

sources: PACKETSTORM: 159466 // PACKETSTORM: 162350 // PACKETSTORM: 159661 // PACKETSTORM: 162493 // PACKETSTORM: 161536 // CNNVD: CNNVD-202009-1066

SOURCES

db:VULHUBid:VHN-178660
db:VULMONid:CVE-2020-24750
db:JVNDBid:JVNDB-2020-011430
db:PACKETSTORMid:159466
db:PACKETSTORMid:162350
db:PACKETSTORMid:159661
db:PACKETSTORMid:162493
db:PACKETSTORMid:161536
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-202009-1066
db:NVDid:CVE-2020-24750

LAST UPDATE DATE

2024-08-14T13:15:39.138000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-178660date:2022-05-12T00:00:00
db:VULMONid:CVE-2020-24750date:2023-09-13T00:00:00
db:JVNDBid:JVNDB-2020-011430date:2021-04-02T05:20:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-202009-1066date:2022-06-10T00:00:00
db:NVDid:CVE-2020-24750date:2023-09-13T14:56:17.593

SOURCES RELEASE DATE

db:VULHUBid:VHN-178660date:2020-09-17T00:00:00
db:VULMONid:CVE-2020-24750date:2020-09-17T00:00:00
db:JVNDBid:JVNDB-2020-011430date:2021-04-02T00:00:00
db:PACKETSTORMid:159466date:2020-10-05T17:20:49
db:PACKETSTORMid:162350date:2021-04-27T15:37:46
db:PACKETSTORMid:159661date:2020-10-21T15:40:32
db:PACKETSTORMid:162493date:2021-05-06T15:03:00
db:PACKETSTORMid:161536date:2021-02-25T15:26:54
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-202009-1066date:2020-09-17T00:00:00
db:NVDid:CVE-2020-24750date:2020-09-17T19:15:13.580