vulnerability
FreeBSD: VID-10E3ED8A-DB7F-11EA-8BDF-643150D3111D (CVE-2020-14060): puppetdb -- Multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Jun 14, 2020 | Aug 11, 2020 | Aug 11, 2020 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Jun 14, 2020
Added
Aug 11, 2020
Modified
Aug 11, 2020
Description
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).
Solution
freebsd-upgrade-package-puppetdb5
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.