Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Security Notice 2026-2328-1 Significant Updates on Four Xen Risks

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

openSUSE 2026-2328-1 Xen Important Buffer Overflow Patch

Calendar White Jun 10, 2026
Important
Opensuse Large Esm H900
openSUSE

openSUSE Leap 15.6 Important Xen Denial of Service Fix SUSE-SU-2026-2329-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H800
SuSE

openSUSE Important xen Patch for Multiple Threats SUSE-2026-2329-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

SUSE MariaDB Critical Security Fix 12 Vulnerabilities 2026-2330-1

Calendar White Jun 10, 2026
Critical
Ubuntu Large Esm H900
Ubuntu

Ubuntu 22.04 LTS Exim4 Moderate Regression CVE-2023-42117

Calendar White Jun 10, 2026
Important
Suse Large Esm H800
SuSE

SUSE StrongSwan Important Double-Free CVE-2026-47895 Advisory 2026-2312-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

SUSE vim Important Command Injection Buffer Overflow Update 2026-2313-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

openSUSE Important libsoup HTTP Request Smuggling Vulnerability 2026-2314-1

Calendar White Jun 10, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":552,"type":"x","order":1,"pct":78.63,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.27,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.84,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.25,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -8 articles for you...
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorysecurity updatered hat

Red Hat: RHSA-2020:1523-01 Important: Jackson Databind Serialization Issues

An update for rh-maven35-jackson-databind is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: rh-maven35-jackson-databind security update Advisory ID: RHSA-2020:1523-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2020:1523 Issue date: 2020-04-21 Cross references: 1822587 1822174 1822932 1822937 1822927 CVE Names: CVE-2020-10968 CVE-2020-10969 CVE-2020-11111 CVE-2020-11112 CVE-2020-11113 ==================================================================== 1. Summary: An update for rh-maven35-jackson-databind is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch 3. Description: The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API. Security Fix(es): * jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider (CVE-2020-10968) * jackson-databind:Serialization gadgets in javax.swing.JEditorPane (CVE-2020-10969) * jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory (CVE-2020-11111) * jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider (CVE-2020-11112) * jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime (CVE-2020-11113) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1819208 - CVE-2020-10968 jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider 1819212 - CVE-2020-10969 jackson-databind: Serialization gadgets in javax.swing.JEditorPane 1821304 - CVE-2020-11111 jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory 1821311 - CVE-2020-11112 jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider 1821315 - CVE-2020-11113 jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-maven35-jackson-databind-2.7.6-2.9.el7.src.rpm noarch: rh-maven35-jackson-databind-2.7.6-2.9.el7.noarch.rpm rh-maven35-jackson-databind-javadoc-2.7.6-2.9.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-maven35-jackson-databind-2.7.6-2.9.el7.src.rpm noarch: rh-maven35-jackson-databind-2.7.6-2.9.el7.noarch.rpm rh-maven35-jackson-databind-javadoc-2.7.6-2.9.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.5): Source: rh-maven35-jackson-databind-2.7.6-2.9.el7.src.rpm noarch: rh-maven35-jackson-databind-2.7.6-2.9.el7.noarch.rpm rh-maven35-jackson-databind-javadoc-2.7.6-2.9.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6): Source: rh-maven35-jackson-databind-2.7.6-2.9.el7.src.rpm noarch: rh-maven35-jackson-databind-2.7.6-2.9.el7.noarch.rpm rh-maven35-jackson-databind-javadoc-2.7.6-2.9.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7): Source: rh-maven35-jackson-databind-2.7.6-2.9.el7.src.rpm noarch: rh-maven35-jackson-databind-2.7.6-2.9.el7.noarch.rpm rh-maven35-jackson-databind-javadoc-2.7.6-2.9.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-maven35-jackson-databind-2.7.6-2.9.el7.src.rpm noarch: rh-maven35-jackson-databind-2.7.6-2.9.el7.noarch.rpm rh-maven35-jackson-databind-javadoc-2.7.6-2.9.el7.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2020-10968 https://access.redhat.com/security/cve/CVE-2020-10969 https://access.redhat.com/security/cve/CVE-2020-11111 https://access.redhat.com/security/cve/CVE-2020-11112 https://access.redhat.com/security/cve/CVE-2020-11113 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBXp7oOtzjgjWX9erEAQghsBAAk6mN7QOctoM4gV9BDkYybnwjFrgzSgQg LahdpBV7QmHQ/6rdhSlbE8sGCdrUwLJy1GvRS1PzvUY2IzLf8c0rtzcHrIiD1wWB N5kEBWiNgHOpuU4etwbR9gGsY7hhSvyxzTyRhHU36UQJqyNoc95DfbokqeAf8Ggp dfw20J8hsCkQ6OkvDCM6T9fY7jcbHdiD4jx8WSMn3bQS3o8zRf1JJlMPOqLnHM+J 998+RIzoJYqqdL7XNWPMopvR1yps2Xx+NTL4+2Vg8e+2KVxO+ksIu3EqRsCRD0wT 22iPNX3r8ETjWcfLGw0Imvc8RiRsCL7L4oa+cbIpnBdvsRr/yW8IYmvJmHwFTZlK +vIyYPAfSCLuHSktXEwZ9WDMeFsJfZr+zdVZ5MmOgvMAIqg+0RSE3VBlzmuAOMbv yNz6SPODozvMDPmW1OwLhtGsu1CigORIuTRcNSYwTkXVoAxFhWXK0sHuxc3h1ne0 x38Tgk1grF7xbBSfvJwFn0MfBhufg4+iUuFhte7mtuSu3gvjQ/qt01Oo11p8cW2m g6lX1NGEsUpEONf0NS+1hFSxWB4ex7ln98e5AqNWtLHt3S5OHzI67+/4dgl5xF7J PdLv4j8b1AqTV8wRX6pK59OeslYcPhYdMWHEbMSkQJ3WZFOILkyTm6HWer9kl3Yt 8yoMyLl6FBM=n1if -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . A vital patch for rh-maven35-jackson-databind has been released; address significant serialization vulnerabilities.. Red Hat Security, Jackson Databind Update, Security Fixes, Important Advisory, Serialization Vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 21, 2020 Important Red Hat
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":552,"type":"x","order":1,"pct":78.63,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.27,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.84,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.25,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here