A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the jboss-common-core class. An attacker could use this flaw to execute arbitrary code.

References

bugzilla.redhat.com/show_bug.cgi?id=1666489

www.cve.org/CVERecord?id=CVE-2018-19362 https://nvd.nist.gov/vuln/detail/CVE-2018-19362

github 1

prion 1

osv 5

ubuntucve 1

cvelist 1

nvd 1

cve 1

debiancve 1

veracode 1

nessus 10

ibm 22

redhat 16

debian 2

openvas 21

fedora 18

ubuntu 1

hp 1

oracle 5

github

com.fasterxml.jackson.core:jackson-databind vulnerable to Deserialization of Untrusted Data

2019-01-04 19:07:03

prion

Deserialization of untrusted data

2019-01-02 18:29:00

osv

com.fasterxml.jackson.core:jackson-databind vulnerable to Deserialization of Untrusted Data

2019-01-04 19:07:03

CVE-2018-19362

2019-01-02 18:29:00

jackson-databind - security update

2019-03-04 00:00:00

ubuntucve

CVE-2018-19362

2019-01-02 00:00:00

cvelist

CVE-2018-19362

2019-01-02 18:00:00

nvd

CVE-2018-19362

2019-01-02 18:29:00

cve

CVE-2018-19362

2019-01-02 18:29:00

debiancve

CVE-2018-19362

2019-01-02 18:29:00

veracode

Remote Code Execution (RCE)

2019-01-03 03:06:26

nessus

Oracle WebCenter Portal Multiple Vulnerabilities (Apr 2019 CPU)

2019-04-23 00:00:00

Oracle Primavera Gateway Multiple Vulnerabilities (Jul 2019 CPU)

2019-07-19 00:00:00

Oracle Primavera Unifier Multiple Vulnerabilities (Apr 2019 CPU)

2019-04-19 00:00:00

ibm

Security Bulletin: Multiple vulnerabilities affect IBM Cloud Object Storage SDK Java (Feb 2019, updated)

2019-03-01 00:05:02

Security Bulletin: Multiple vulnerabilities have been identified in FasterXML Jackson library shipped with IBM Tivoli Netcool/OMNIbus Common Integration Libraries (CVE-2018-19360, CVE-2018-19361, CVE-2018-19362, CVE-2018-1000873)

2019-03-05 09:30:01

Security Bulletin: IBM Event Streams is affected by jackson-databind vulnerabilities

2019-04-26 16:00:01

redhat

(RHSA-2020:2564) Important: EAP Continuous Delivery Technical Preview Release 16 security update

2020-06-15 16:12:30

(RHSA-2019:3002) Important: Red Hat FIS 2.0 on Fuse 6.3.0 R13 security and bug fix update

2019-10-10 12:48:05

(RHSA-2019:1797) Important: Red Hat JBoss BPM Suite 6.4.12 security update

2019-07-16 16:19:53

debian

[SECURITY] [DLA 1703-1] jackson-databind security update

2019-03-04 12:13:19

[SECURITY] [DSA 4452-1] jackson-databind security update

2019-05-24 21:04:55

openvas

Debian: Security Advisory (DSA-4452-1)

2019-05-26 00:00:00

Fedora Update for jackson-core FEDORA-2019-df57551f6d

2019-05-07 00:00:00

Fedora Update for jackson-datatypes-collections FEDORA-2019-df57551f6d

2019-05-07 00:00:00

fedora

[SECURITY] Fedora 29 Update: jackson-core-2.9.8-1.fc29

2019-02-19 14:03:52

[SECURITY] Fedora 29 Update: eclipse-linuxtools-7.1.0-3.fc29

2019-02-19 14:03:52

[SECURITY] Fedora 29 Update: jackson-bom-2.9.8-1.fc29

2019-02-19 14:03:52

ubuntu

Jackson Databind vulnerabilities

2021-03-15 00:00:00

HP Device Manager Security Updates

2023-10-20 00:00:00

oracle

Oracle Critical Patch Update Advisory - October 2019

2020-01-22 00:00:00

Oracle Critical Patch Update Advisory - April 2019

2019-04-16 00:00:00

Oracle Critical Patch Update Advisory - July 2019

2019-07-16 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.007 Low

EPSS

Percentile

80.9%

JSON

Related for RH:CVE-2018-19362