Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Block one more gadget type (caucho-quercus, CVE-2020-10673) #2660

Closed
cowtowncoder opened this issue Mar 18, 2020 · 1 comment
Closed

Block one more gadget type (caucho-quercus, CVE-2020-10673) #2660

cowtowncoder opened this issue Mar 18, 2020 · 1 comment
Labels
CVE Issues related to public CVEs (security vuln reports)
Milestone
2.9.10.4

Comments

@cowtowncoder
Copy link
Member

cowtowncoder commented Mar 18, 2020
edited

Another gadget type(s) reported regarding a class of caucho-quercus library.
See https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 for description of the general problem.

Mitre id: CVE-2020-10673
Reporter: threedr3am'follower

Fix is included in:
@cowtowncoder cowtowncoder added 2.9 CVE Issues related to public CVEs (security vuln reports) labels Mar 18, 2020
@cowtowncoder cowtowncoder added this to the 2.9.10.4 milestone Mar 18, 2020
@cowtowncoder cowtowncoder changed the title Block one more gadget type (TO BE FILLED) Block one more gadget type (caucho-quercus, CVE-2020-10673) Mar 18, 2020
@cowtowncoder cowtowncoder mentioned this issue Mar 26, 2020
Closed
martokarski pushed a commit to atlassian/jackson-1 that referenced this issue May 8, 2020
Block one more gadget type (caucho-quercus, CVE-2020-10673)
eca42b9 
Merged from FasterXML/jackson-databind#2660
@mend-for-github-com mend-for-github-com bot mentioned this issue May 27, 2020
Open
This was referenced May 28, 2020
Closed
Open
Closed
Open
Closed
This was referenced Jun 9, 2020
Closed
Open
@mend-for-github-com mend-for-github-com bot mentioned this issue Jun 18, 2020
Open
@mend-bolt-for-github mend-bolt-for-github bot mentioned this issue Jun 20, 2020
Closed
@mend-for-github-com mend-for-github-com bot mentioned this issue Jun 22, 2020
Open
This was referenced Jun 24, 2020
Open
Closed
Open
This was referenced Jul 2, 2020
Open
Open
@mend-bolt-for-github mend-bolt-for-github bot mentioned this issue Jul 6, 2020
Open
@mend-for-github-com mend-for-github-com bot mentioned this issue Jul 7, 2020
Closed
This was referenced Jul 8, 2020
Open
Closed
Open
Open
This was referenced Feb 4, 2022
Closed
Open
This was referenced Feb 27, 2022
Closed
Closed
@mend-bolt-for-github mend-bolt-for-github bot mentioned this issue Mar 1, 2022
Open
@mend-for-github-com mend-for-github-com bot mentioned this issue Mar 1, 2022
Closed
This was referenced Mar 11, 2022
Closed
Closed
This was referenced Mar 12, 2022
Closed
Closed
@mend-bolt-for-github mend-bolt-for-github bot mentioned this issue Mar 14, 2022
Open
This was referenced Mar 14, 2022
Closed
Open
@mend-bolt-for-github mend-bolt-for-github bot mentioned this issue Mar 22, 2022
Open
This was referenced Mar 31, 2022
Closed
Open
This was referenced May 10, 2022
Open
Open
@mend-bolt-for-github mend-bolt-for-github bot mentioned this issue May 31, 2022
Closed
This was referenced May 31, 2022
Closed
Closed
Closed
@scott-cx scott-cx mentioned this issue Aug 1, 2022
Open
@cxronen cxronen mentioned this issue Sep 20, 2022
Open
@margaritalm margaritalm mentioned this issue Dec 25, 2022
Open
This was referenced Feb 15, 2023
Open
Open
This was referenced Apr 28, 2023
Open
Open
@cxronen cxronen mentioned this issue May 25, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
CVE Issues related to public CVEs (security vuln reports)
Projects
None yet
Milestone
2.9.10.4
Development

No branches or pull requests
1 participant
@cowtowncoder