Lucene search
RedHatRHSA-2020:2564HistoryJun 15, 2020 - 4:12 p.m.
(RHSA-2020:2564) Important: EAP Continuous Delivery Technical Preview Release 16 security update
2020-06-1516:12:30
access.redhat.com
38
0.049 Low
EPSS
Percentile
92.8%
Red Hat JBoss Enterprise Application Platform CD16 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform CD16 includes bug fixes and enhancements.
Security Fix(es):
- jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)
- jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)
- jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)
- jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)
- jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)
- jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)
- jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Related
ibm
ibm
osv
osv
jackson-databind - security update
2019-03-04 00:00:00
jackson-databind - security update
2019-05-24 00:00:00
Deserialization of Untrusted Data in jackson-databind
2019-01-04 19:07:01
nessus
nessus
RHEL 7 : rh-maven35-jackson-databind (RHSA-2019:0782)
2024-04-28 00:00:00
Debian DLA-1703-1 : jackson-databind security update
2019-03-05 00:00:00
Oracle Primavera Unifier Multiple Vulnerabilities (Jan 2019 CPU)
2019-01-18 00:00:00
debian
debian
[SECURITY] [DLA 1703-1] jackson-databind security update
2019-03-04 12:13:19
[SECURITY] [DSA 4452-1] jackson-databind security update
2019-05-24 21:04:55
redhat
redhat
(RHSA-2019:0782) Important: rh-maven35-jackson-databind security update
2019-04-17 20:45:27
(RHSA-2019:1822) Important: Red Hat Decision Manager 7.4.0 Security Update
2019-07-22 14:51:53
(RHSA-2019:4037) Important: Red Hat Data Grid 7.3.2 security update
2019-12-02 16:21:52
openvas
openvas
Debian: Security Advisory (DLA-1703-1)
2019-03-03 00:00:00
Fedora Update for jackson-dataformats-binary FEDORA-2019-df57551f6d
2019-05-07 00:00:00
Fedora Update for jackson-dataformat-xml FEDORA-2019-df57551f6d
2019-05-07 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: jackson-parent-2.9.1.2-1.fc29
2019-02-19 14:03:53
[SECURITY] Fedora 29 Update: jackson-dataformats-text-2.9.8-1.fc29
2019-02-19 14:03:52
[SECURITY] Fedora 29 Update: eclipse-linuxtools-7.1.0-3.fc29
2019-02-19 14:03:52
freebsd
freebsd
payara -- multiple vulnerabilities
2019-02-01 00:00:00
debiancve
debiancve
symantec
symantec
nvd
nvd
redhatcve
redhatcve
github
github
com.fasterxml.jackson.core:jackson-databind vulnerable to Deserialization of Untrusted Data
2019-01-04 19:07:03
Deserialization of Untrusted Data in jackson-databind due to polymorphic deserialization
2019-01-04 19:06:57
Arbitrary Code Execution in jackson-databind
2019-01-04 19:06:55
cvelist
cvelist
prion
prion
Deserialization of untrusted data
2019-01-02 18:29:00
Deserialization of untrusted data
2019-01-02 18:29:00
Deserialization of untrusted data
2019-01-02 18:29:00
cve
cve
atlassian
atlassian
ubuntucve
ubuntucve
veracode
veracode
Deserialisation Of Untrusted Data
2019-01-03 01:18:22
Remote Code Execution (RCE)
2019-01-03 06:15:06
Remote Code Execution (RCE)
2019-01-03 03:06:26
ubuntu
ubuntu
Jackson Databind vulnerabilities
2021-03-15 00:00:00
hp
hp
HP Device Manager Security Updates
2023-10-20 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2019
2020-01-22 00:00:00
Oracle Critical Patch Update Advisory - April 2019
2019-04-16 00:00:00
Oracle Critical Patch Update Advisory - July 2019
2019-07-16 00:00:00