We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVE ID: CVE-2018-14719 Description: FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization. CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Discovery Date: 2019-05-30 Vendors: * debian * oracle * fasterxml References: * [https://github.com/FasterXML/jackson-databind/issues/2097] (FasterXML/jackson-databind#2097) * [20190527 [SECURITY] [DSA 4452-1] jackson-databind security update] (https://seclists.org/bugtraq/2019/May/68) * [RHBA-2019:0959] (https://access.redhat.com/errata/RHBA-2019:0959) * [https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44] (FasterXML/jackson-databind@87d29af) * [https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html] (https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html) * [RHSA-2019:0877] (https://access.redhat.com/errata/RHSA-2019:0877) * [https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html] (https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html) * [[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1] (https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E) * [https://security.netapp.com/advisory/ntap-20190530-0003/] (https://security.netapp.com/advisory/ntap-20190530-0003/) * [https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7] (https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7) * [RHSA-2019:0782] (https://access.redhat.com/errata/RHSA-2019:0782) * [[debian-lts-announce] 20190304 [SECURITY] [DLA 1703-1] jackson-databind security update] (https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html) * [DSA-4452] (https://www.debian.org/security/2019/dsa-4452)
The text was updated successfully, but these errors were encountered:
No branches or pull requests
CVE ID: CVE-2018-14719 Description: FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization. CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Discovery Date: 2019-05-30 Vendors: * debian * oracle * fasterxml References: * [https://github.com/FasterXML/jackson-databind/issues/2097] (FasterXML/jackson-databind#2097) * [20190527 [SECURITY] [DSA 4452-1] jackson-databind security update] (https://seclists.org/bugtraq/2019/May/68) * [RHBA-2019:0959] (https://access.redhat.com/errata/RHBA-2019:0959) * [https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44] (FasterXML/jackson-databind@87d29af) * [https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html] (https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html) * [RHSA-2019:0877] (https://access.redhat.com/errata/RHSA-2019:0877) * [https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html] (https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html) * [[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1] (https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E) * [https://security.netapp.com/advisory/ntap-20190530-0003/] (https://security.netapp.com/advisory/ntap-20190530-0003/) * [https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7] (https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7) * [RHSA-2019:0782] (https://access.redhat.com/errata/RHSA-2019:0782) * [[debian-lts-announce] 20190304 [SECURITY] [DLA 1703-1] jackson-databind security update] (https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html) * [DSA-4452] (https://www.debian.org/security/2019/dsa-4452)
The text was updated successfully, but these errors were encountered: