Security ID : QSA-24-10
Multiple Vulnerabilities in jackson-databind
Release date : March 9, 2024
CVE identifier : CVE-2022-42004 | CVE-2022-42003 | CVE-2020-36518 | CVE-2021-46877
Affected products: QuMagie Mobile 2.2.x for Android
Severity
Moderate
Status
Resolved
Summary
Multiple vulnerabilities have been reported in jackson-databind, which affect QuMagie Mobile for Android.
We have already fixed the vulnerabilities in the following version:
| Affected Product | Fixed Version |
| QuMagie Mobile 2.2.x for Android | QuMagie Mobile 2.2.0.0126 and later for Android |
Recommendation
To secure your device, we recommend regularly updating your QNAP mobile apps to the latest versions to benefit from vulnerability fixes. You can check the QNAP Mobile App page to see the latest updates.
Attachment
Acknowledgements: Himanshu Sondhi
Revision History:
V1.0 (March 09, 2024) - Published
