R4v3zn

1 exploit Active since Mar 2020
CVE-2020-10673 NOMISEC HIGH WORKING POC
FasterXML jackson-databind <2.9.10.4 - Code Injection
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).
CVSS 8.8