-
-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Block 2 more gadget types (newrelic-agent, CVE-2020-36188/CVE-2020-36189) #2996
Comments
cowtowncoder
added
to-evaluate
Issue that has been received but not yet evaluated
CVE
Issues related to public CVEs (security vuln reports)
and removed
to-evaluate
Issue that has been received but not yet evaluated
labels
Dec 23, 2020
cowtowncoder
changed the title
Block 2 more gadget types (placeholder)
Block 2 more gadget types (newrelic-agent)
Dec 26, 2020
The following CVEs have been assigned to this issue: |
cowtowncoder
changed the title
Block 2 more gadget types (newrelic-agent)
Block 2 more gadget types (newrelic-agent, CVE-2020-36188/CVE-2020-36189)
Jan 7, 2021
This was referenced Jan 9, 2021
Open
Open
This was referenced May 31, 2022
CVE-2020-36189 (High) detected in jackson-databind-2.6.7.3.jar - autoclosed
Gal-Doron/localConfig#22
Closed
This was referenced Feb 21, 2023
Open
This was referenced Feb 15, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Another gadget type(s) reported regarding class(es) of
com.newrelic.agent.java:newrelic-agent
library (version 3.x).See https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 for description of the general problem.
Reporter(s): Al1ex@knownsec
Mitre id(s):
Note: derivative of #2334 and #2389 (embedded
logback-core
)Fix will be included in:
The text was updated successfully, but these errors were encountered: