CVE-2018-19362

Published: Jan 2, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/FasterXML/jackson-databind/issues/2186

x_refsource_CONFIRM

[debian-lts-announce] 20190304 [SECURITY] [DLA 1703-1] jackson-databind security update

mailing-list

x_refsource_MLIST

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8

x_refsource_CONFIRM

https://issues.apache.org/jira/browse/TINKERPOP-2121

x_refsource_CONFIRM

https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b

x_refsource_CONFIRM

[infra-devnull] 20190329 [GitHub] [pulsar] massakam opened pull request #3938: Upgrade third party libraries with security vulnerabilities

mailing-list

x_refsource_MLIST

[pulsar-commits] 20190329 [GitHub] [pulsar] massakam opened a new pull request #3938: Upgrade third party libraries with security vulnerabilities

mailing-list

x_refsource_MLIST

[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1

mailing-list

x_refsource_MLIST

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

x_refsource_MISC

RHSA-2019:0782

vendor-advisory

x_refsource_REDHAT

RHSA-2019:0877

vendor-advisory

x_refsource_REDHAT

RHBA-2019:0959

vendor-advisory

x_refsource_REDHAT

DSA-4452

vendor-advisory

x_refsource_DEBIAN

20190527 [SECURITY] [DSA 4452-1] jackson-databind security update

mailing-list

x_refsource_BUGTRAQ

https://security.netapp.com/advisory/ntap-20190530-0003/

x_refsource_CONFIRM

RHSA-2019:1782

vendor-advisory

x_refsource_REDHAT

RHSA-2019:1797

vendor-advisory

x_refsource_REDHAT

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

x_refsource_MISC

107985

vdb-entry

x_refsource_BID

RHSA-2019:1822

vendor-advisory

x_refsource_REDHAT

RHSA-2019:1823

vendor-advisory

x_refsource_REDHAT

RHSA-2019:2804

vendor-advisory

x_refsource_REDHAT

RHSA-2019:2858

vendor-advisory

x_refsource_REDHAT

RHSA-2019:3002

vendor-advisory

x_refsource_REDHAT

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

x_refsource_MISC

RHSA-2019:3140

vendor-advisory

x_refsource_REDHAT

[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities

mailing-list

x_refsource_MLIST

RHSA-2019:3149

vendor-advisory

x_refsource_REDHAT

[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities

mailing-list

x_refsource_MLIST

[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities

mailing-list

x_refsource_MLIST

[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html

mailing-list

x_refsource_MLIST

RHSA-2019:3892

vendor-advisory

x_refsource_REDHAT

RHSA-2019:4037

vendor-advisory

x_refsource_REDHAT

https://www.oracle.com/security-alerts/cpujan2020.html

x_refsource_MISC

[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html

mailing-list

x_refsource_MLIST

https://www.oracle.com/security-alerts/cpuapr2020.html

x_refsource_MISC

[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image

mailing-list

x_refsource_MLIST

[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-19362

Description

Affected Products

References