CVE-2019-20330

Vulnerable Software	Affected Versions
Oracle Banking Platform	From 2.4.0 to 2.9.0
Oracle Communications Billing And Revenue Management	Version 12.0.0.3.0
Oracle Communications Billing And Revenue Management	Version 7.5.0.23.0
Oracle Communications Cloud Native Core Network Slice Selection Function	Version 1.2.1
Oracle Communications Contacts Server	Version 8.0.0.4.0
Oracle Communications Evolved Communications Application Server	Version 7.1
Oracle Communications Instant Messaging Server	Version 10.0.1.4.0
Oracle Communications Network Charging And Control	From 12.0.0 to 12.0.3
Oracle Communications Network Charging And Control	Version 6.0.1
Oracle Customer Management And Segmentation Foundation	Version 18.0
Oracle Enterprise Manager Base Platform	Version 13.3.0.0
Oracle Enterprise Manager Base Platform	Version 13.4.0.0
Oracle Global Lifecycle Management Opatch	Before 11.2.0.3.23
Oracle Global Lifecycle Management Opatch	From 12.2.0.1.0 to 12.2.0.1.19
Oracle Global Lifecycle Management Opatch	From 13.9.4.0.0 to 13.9.4.2.1
Oracle Goldengate Application Adapters	Version 19.1.0.0.0
Oracle Goldengate Stream Analytics	Before 19.1.0.0.1
Oracle Jd Edwards Enterpriseone Orchestrator	Before 9.2.4.2
Oracle Jd Edwards Enterpriseone Tools	Before 9.2.4.2
Oracle Primavera Unifier	From 17.7 to 17.12
Oracle Primavera Unifier	Version 16.1
Oracle Primavera Unifier	Version 16.2
Oracle Primavera Unifier	Version 18.8
Oracle Primavera Unifier	Version 19.12
Oracle Retail Merchandising System	Version 15.0.3
Oracle Retail Merchandising System	Version 16.0.2
Oracle Retail Merchandising System	Version 16.0.3
Oracle Retail Sales Audit	Version 14.1
Oracle Retail Xstore Point Of Service	Version 15.0
Oracle Retail Xstore Point Of Service	Version 16.0
Oracle Retail Xstore Point Of Service	Version 17.0
Oracle Retail Xstore Point Of Service	Version 18.0
Oracle Retail Xstore Point Of Service	Version 19.0
Oracle Siebel Engineering Installer & Deployment	Up to 2.20.5
Oracle Siebel Ui Framework	Up to 20.5
Oracle Trace File Analyzer	Version 12.2.0.1
Oracle Trace File Analyzer	Version 18c
Oracle Trace File Analyzer	Version 19c
Oracle Webcenter Portal	Version 12.2.1.3.0
Oracle Webcenter Portal	Version 12.2.1.4.0
Oracle Weblogic Server	Version 12.2.1.3.0
Oracle Weblogic Server	Version 12.2.1.4.0

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 8.0

Configuration D

7 vulnerable

Vulnerable Software	Affected Versions
Netapp Active Iq Unified Manager	From 7.3
Netapp Active Iq Unified Manager	From 9.5
Netapp Active Iq Unified Manager	From 7.3
Netapp Oncommand Api Services	All versions
Netapp Service Level Manager	All versions
Netapp Snapcenter	All versions
Netapp Steelstore Cloud Integrated Storage	All versions

Related CWEs

CWE-502

Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

References (66)

https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.10.1...jackson-databind-2.9.10.2

Source: cve@mitre.org

PatchThird Party Advisory

https://github.com/FasterXML/jackson-databind/issues/2526

Source: cve@mitre.org

PatchThird Party Advisory

https://lists.apache.org/thread.html/r107c8737db39ec9ec4f4e7147b249e29be79170b9ef4b80528105a2d%40%3Cdev.zookeeper.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/r2c77dd6ab8344285bd8e481b57cf3029965a4b0036eefccef74cdd44%40%3Cnotifications.zookeeper.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f%40%3Ccommits.druid.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/r3f8180d0d25a7c6473ebb9714b0c1d19a73f455ae70d0c5fefc17e6c%40%3Cissues.zookeeper.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/r428735963bee7cb99877b88d3228e28ec28af64646455c4f3e7a3c94%40%3Cissues.zookeeper.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/r50f513772f12e1babf65c7c2b9c16425bac2d945351879e2e267517f%40%3Cissues.zookeeper.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/r5c14fdcabdeaba258857bcb67198652e4dce1d33ddc590cd81d82393%40%3Cdev.zookeeper.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/r5c3644c97f0434d1ceb48ff48897a67bdbf3baf7efbe7d04625425b3%40%3Ccommits.druid.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/r5d3d10fdf28110da3f9ac1b7d08d7e252f98d7d37ce0a6bd139a2e4f%40%3Cissues.zookeeper.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/r67f4d4c48197454b83d62afbed8bebbda3764e6e3a6e26a848961764%40%3Ccommits.zookeeper.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/r707d23bb9ee245f50aa909add0da6e8d8f24719b1278ddd99d2428b2%40%3Cissues.zookeeper.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/r7a0821b44247a1e6c6fe5f2943b90ebc4f80a8d1fb0aa9a8b29a59a2%40%3Ccommits.zookeeper.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/r7fb123e7dad49af5886cfec7135c0fd5b74e4c67af029e1dc91ba744%40%3Ccommits.druid.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/r8831b7fa5ca87a1cf23ee08d6dedb7877a964c1d2bd869af24056a63%40%3Ccommits.zookeeper.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/r909c822409a276ba04dc2ae31179b16f6864ba02c4f9911bdffebf95%40%3Cissues.zookeeper.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/ra2e572f568de8df5ba151e6aebb225a0629faaf0476bf7c7ed877af8%40%3Cnotifications.zookeeper.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/ra5ce96faec37c26b0aa15b4b6a8b1cbb145a748653e56ae83e9685d0%40%3Cnotifications.zookeeper.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/ra8a80dbc7319916946397823aec0d893d24713cbf7b5aee0e957298c%40%3Cdev.zookeeper.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/rb532fed78d031fff477fd840b81946f6d1200f93a63698dae65aa528%40%3Ccommits.druid.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/rd1f346227e11fc515914f3a7b20d81543e51e5822ba71baa0452634a%40%3Cissues.zookeeper.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/rd49cfa41bbb71ef33b53736a6af2aa8ba88c2106e30f2a34902a87d2%40%3Cnotifications.zookeeper.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/rd6c6fef14944f3dcfb58d35f9317eb1c32a700e86c1b5231e45d3d0b%40%3Ccommits.druid.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/rfa57d9c2a27d3af14c69607fb1a3da00e758b2092aa88eb6a51b6e99%40%3Cissues.zookeeper.apache.org%3E

Source: cve@mitre.org

https://lists.debian.org/debian-lts-announce/2020/02/msg00020.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://security.netapp.com/advisory/ntap-20200127-0004/

Source: cve@mitre.org

Third Party Advisory

https://www.oracle.com//security-alerts/cpujul2021.html

Source: cve@mitre.org

PatchThird Party Advisory

https://www.oracle.com/security-alerts/cpuapr2020.html

Source: cve@mitre.org

Third Party Advisory

https://www.oracle.com/security-alerts/cpujul2020.html

Source: cve@mitre.org

Third Party Advisory

https://www.oracle.com/security-alerts/cpuoct2020.html

Source: cve@mitre.org

PatchThird Party Advisory

https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.10.1...jackson-databind-2.9.10.2