FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on the classpath content, remote code execution may be possible.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Debian
  • Debian Linux
Fasterxml
  • Jackson-databind
Redhat
  • Amq Streams
  • Enterprise Linux
  • Jboss Enterprise Application Platform
  • Jboss Enterprise Application Platform Eus
  • Jboss Enterprise Bpms Platform
  • Jboss Enterprise Brms Platform
  • Jboss Fuse
  • Openshift
  • Openshift Application Runtimes
  • Rhel Software Collections

Configuration 1 [-]

OR cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*
cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*
cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*
cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.7:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat AMQ Streams 1
cpe:/a:redhat:amq_streams:1 RHSA-2019:3200 2019-10-24T00:00:00Z
Red Hat Decision Manager 7
jackson-databind cpe:/a:redhat:jboss_enterprise_brms_platform:7.5 RHSA-2019:3292 2019-10-31T00:00:00Z
Red Hat Enterprise Linux 8
pki-deps:10.6-8000020190807021343.f8e95b4e cpe:/a:redhat:enterprise_linux:8 RHSA-2019:2720 2019-09-12T00:00:00Z
Red Hat Fuse 6.3
jackson-databind cpe:/a:redhat:jboss_fuse:6.3 RHSA-2019:4352 2019-12-19T00:00:00Z
Red Hat Fuse 7.6.0
jackson-databind cpe:/a:redhat:jboss_fuse:7 RHSA-2020:0983 2020-03-26T00:00:00Z
Red Hat JBoss EAP 7.2
jackson-databind cpe:/a:redhat:jboss_enterprise_application_platform:7.2 RHSA-2019:2938 2019-09-30T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7
eap7-jackson-databind-0:2.8.11.5-1.redhat_00001.1.ep7.el7 cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7 RHSA-2024:5856 2024-08-26T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6
eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el6eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6 RHSA-2019:2935 2019-10-01T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7
eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el7eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7 RHSA-2019:2936 2019-10-01T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8
eap7-activemq-artemis-0:2.9.0-1.redhat_00005.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-codehaus-jackson-0:1.9.13-9.redhat_00006.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-glassfish-jsf-0:2.3.5-4.SP3_redhat_00002.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-hal-console-0:3.0.16-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-hibernate-0:5.3.11-2.SP1_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-infinispan-0:9.3.7-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-ironjacamar-0:1.4.17-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-jackson-annotations-0:2.9.9-1.redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-jackson-core-0:2.9.9-1.redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-jackson-databind-0:2.9.9.3-1.redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-jackson-jaxrs-providers-0:2.9.9-2.redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-jackson-modules-base-0:2.9.9-1.redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-jackson-modules-java8-0:2.9.9-1.redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-jboss-ejb-client-0:4.0.23-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-jboss-jaxrs-api_2.1_spec-0:1.0.3-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-jboss-logging-0:3.3.3-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-jboss-logmanager-0:2.1.14-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-jboss-marshalling-0:2.0.9-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-jboss-msc-0:1.4.8-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-jboss-remoting-0:5.0.14-1.SP1_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-jboss-server-migration-0:1.3.1-4.Final_redhat_00004.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-jboss-xnio-base-0:3.7.3-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-jgroups-0:4.0.20-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-narayana-0:5.9.6-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-netty-0:4.1.34-2.Final_redhat_00002.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-picketbox-0:5.0.3-5.Final_redhat_00004.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00007.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00007.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-undertow-0:2.0.25-1.SP1_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-weld-core-0:3.0.6-2.Final_redhat_00002.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-wildfly-0:7.2.4-1.GA_redhat_00002.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-wildfly-elytron-0:1.6.4-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-wildfly-elytron-tool-0:1.4.3-1.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
eap7-wildfly-transaction-client-0:1.1.6-2.Final_redhat_00001.1.el8eap cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8 RHSA-2019:2937 2019-10-01T00:00:00Z
Red Hat Openshift Application Runtimes Vert.x 3.8.3
jackson-databind cpe:/a:redhat:openshift_application_runtimes:1.0 RHSA-2019:3901 2019-11-18T00:00:00Z
Red Hat OpenShift Container Platform 3.11
openshift3/ose-logging-elasticsearch5:v3.11.153-2 cpe:/a:redhat:openshift:3.11::el7 RHSA-2019:3149 2019-10-18T00:00:00Z
Red Hat OpenShift Container Platform 4.1
openshift4/ose-logging-elasticsearch5:v4.1.18-201909201915 cpe:/a:redhat:openshift:4.1::el7 RHSA-2019:2858 2019-09-27T00:00:00Z
Red Hat Process Automation 7
jackson-databind cpe:/a:redhat:jboss_enterprise_bpms_platform:7.5 RHSA-2019:3297 2019-10-31T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7
rh-maven35-jackson-databind-0:2.7.6-2.6.el7 cpe:/a:redhat:rhel_software_collections:3::el7 RHSA-2019:1820 2019-07-22T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS
rh-maven35-jackson-databind-0:2.7.6-2.6.el7 cpe:/a:redhat:rhel_software_collections:3::el7 RHSA-2019:1820 2019-07-22T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS
rh-maven35-jackson-databind-0:2.7.6-2.6.el7 cpe:/a:redhat:rhel_software_collections:3::el7 RHSA-2019:1820 2019-07-22T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS
rh-maven35-jackson-databind-0:2.7.6-2.6.el7 cpe:/a:redhat:rhel_software_collections:3::el7 RHSA-2019:1820 2019-07-22T00:00:00Z
Text-Only RHOAR
cpe:/a:redhat:openshift_application_runtimes:1.0 RHSA-2019:2998 2019-10-10T00:00:00Z
References
Link Providers
https://access.redhat.com/errata/RHSA-2019:1820 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:2720 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:2858 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:2935 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:2936 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:2937 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:2938 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:2998 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:3149 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:3200 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:3292 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:3297 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:3901 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:4352 cve-icon cve-icon
https://blog.doyensec.com/2019/07/22/jackson-gadgets.html cve-icon cve-icon
https://doyensec.com/research.html cve-icon cve-icon
https://github.com/FasterXML/jackson-databind/compare/74b90a4...a977aad cve-icon cve-icon
https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9%40%3Cdev.tomee.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4%40%3Cdev.tomee.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d%40%3Cdev.tomee.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592%40%3Ccommits.cassandra.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9%40%3Cdev.tomee.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319%40%3Cdev.tomee.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1%40%3Cdev.tomee.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b%40%3Cdev.tomee.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/940b4c3fef002461b89a050935337056d4a036a65ef68e0bbd4621ef%40%3Cdev.struts.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/e0733058c0366b703e6757d8d2a7a04b943581f659e9c271f0841dfe%40%3Cnotifications.geode.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/ee0a051428d2c719acfa297d0854a189ea5e284ef3ed491fa672f4be%40%3Cdev.tomee.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E cve-icon cve-icon
https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2019/06/msg00019.html cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OVRZDN2T6AZ6DJCZJ3VSIQIVHBVMVWBL/ cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TXRVXNRFHJSQWFHPRJQRI5UPMZ63B544/ cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UKUALE2TUCKEKOHE2D342PQXN4MWCSLC/ cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2019-12384 cve-icon
https://seclists.org/bugtraq/2019/Oct/6 cve-icon cve-icon
https://security.netapp.com/advisory/ntap-20190703-0002/ cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2019-12384 cve-icon
https://www.debian.org/security/2019/dsa-4542 cve-icon cve-icon
https://www.oracle.com/security-alerts/cpuapr2020.html cve-icon cve-icon
https://www.oracle.com/security-alerts/cpujan2020.html cve-icon cve-icon
https://www.oracle.com/security-alerts/cpujul2020.html cve-icon cve-icon
https://www.oracle.com/security-alerts/cpuoct2020.html cve-icon cve-icon
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html cve-icon cve-icon
History

Mon, 26 Aug 2024 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat jboss Enterprise Application Platform Eus
CPEs cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
Vendors & Products Redhat jboss Enterprise Application Platform Eus
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-04T23:17:39.988Z

Reserved: 2019-05-27T00:00:00

Link: CVE-2019-12384

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-06-24T16:15:15.103

Modified: 2024-11-21T04:22:43.350

Link: CVE-2019-12384

cve-icon Redhat

Severity : Important

Publid Date: 2019-06-21T00:00:00Z

Links: CVE-2019-12384 - Bugzilla