← Back

CVE-2019-14540

nvd nist
Published: Sep 15, 2019Modified: Nov 21, 2024

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.

Affected (49)

Show all products
Fasterxml: Jackson Databind · Netapp: Oncommand Api Services, Oncommand Workflow Automation, Steelstore Cloud Integrated Storage · Fedoraproject: Fedora · Debian: Debian Linux · Redhat: Jboss Enterprise Application Platform · Oracle: Banking Platform, Customer Management And Segmentation Foundation, Financial Services Analytical Applications Infrastructure, Global Lifecycle Management Opatch, Goldengate Application Adapters, Goldengate Stream Analytics, Mysql, Primavera Gateway, Primavera Unifier, Retail Customer Management And Segmentation Foundation, Retail Xstore Point Of Service, Weblogic Server
Fasterxml
1 product
Jackson Databind
Netapp
3 products
Oncommand Api Services
Oncommand Workflow Automation
Steelstore Cloud Integrated Storage
Fedoraproject
1 product
Fedora
Debian
1 product
Debian Linux
Redhat
1 product
Jboss Enterprise Application Platform
Oracle
12 products
Banking Platform
Customer Management And Segmentation Foundation
Financial Services Analytical Applications Infrastructure
Global Lifecycle Management Opatch
Goldengate Application Adapters
Goldengate Stream Analytics
Mysql
Primavera Gateway
Primavera Unifier
Retail Customer Management And Segmentation Foundation
Retail Xstore Point Of Service
Weblogic Server
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Fasterxml
Jackson Databind
From 2.0.0 to 2.6.7.3
Jackson Databind
From 2.7.0 to 2.8.11.5
Jackson Databind
From 2.9.0 to 2.9.10
Configuration B
3 vulnerable
Vulnerable SoftwareAffected Versions
Oncommand Api Services
All versions
Oncommand Workflow Automation
All versions
Steelstore Cloud Integrated Storage
All versions
Configuration C
2 vulnerable
Vulnerable SoftwareAffected Versions
Fedoraproject
Fedora
Version 30
Fedora
Version 31
Configuration D
3 vulnerable
Vulnerable SoftwareAffected Versions
Debian
Debian Linux
Version 10.0
Debian Linux
Version 8.0
Debian Linux
Version 9.0
Configuration E
2 vulnerable · 3 platform
Vulnerable SoftwareAffected Versions
Redhat
Jboss Enterprise Application Platform
Version 7.2
Jboss Enterprise Application Platform
Version 7.3
Running on/withPlatform Versions
Redhat
Enterprise Linux
Version 6.0
Redhat
Enterprise Linux
Version 7.0
Redhat
Enterprise Linux
Version 8.0
Configuration F
36 vulnerable
Vulnerable SoftwareAffected Versions
Oracle
Banking Platform
Version 2.4.0
Banking Platform
Version 2.4.1
Banking Platform
Version 2.5.0
Banking Platform
Version 2.6.0
Banking Platform
Version 2.6.1
Banking Platform
Version 2.7.0
Banking Platform
Version 2.7.1
Customer Management And Segmentation Foundation
Version 18.0
Financial Services Analytical Applications Infrastructure
From 8.0.2 to 8.0.8
Oracle
Global Lifecycle Management Opatch
Before 11.2.0.3.23
Global Lifecycle Management Opatch
From 12.2.0.1.0 to 12.2.0.1.19
Global Lifecycle Management Opatch
From 13.9.4.0.0 to 13.9.4.2.1
Goldengate Application Adapters
Version 19.1.0.0.0
Goldengate Stream Analytics
Before 19.1.0.0.1
Oracle
Mysql
From 5.7.0 to 5.7.30
Mysql
From 8.0.0 to 8.0.20
Oracle
Primavera Gateway
Version 15.2.18
Primavera Gateway
Version 15.2
Primavera Gateway
Version 16.2.11
Primavera Gateway
Version 16.2
Primavera Gateway
Version 17.12.6
Primavera Gateway
Version 17.12
Primavera Gateway
Version 18.8.0
Primavera Gateway
Version 18.8.8.1
Oracle
Primavera Unifier
From 17.7 to 17.12
Primavera Unifier
Version 16.1
Primavera Unifier
Version 16.2
Primavera Unifier
Version 18.8
Primavera Unifier
Version 19.12
Retail Customer Management And Segmentation Foundation
Version 17.0
Oracle
Retail Xstore Point Of Service
Version 15.0
Retail Xstore Point Of Service
Version 16.0
Retail Xstore Point Of Service
Version 17.0
Retail Xstore Point Of Service
Version 18.0
Retail Xstore Point Of Service
Version 7.1
Weblogic Server
Version 12.2.1.3.0

Related CWEs

CWE-502
Deserialization of Untrusted Data
The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

References (70)

Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Release NotesThird Party Advisory
Source: cve@mitre.org
PatchThird Party Advisory
Source: cve@mitre.org
PatchThird Party Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory

Timeline

No history available yet.