Lucene search

CVE-2018-14720

🗓️ 02 Jan 2019 18:00:29Reported by mitreType

FasterXML jackson-databind 2.x before 2.9.7 XXE vulnerabilit

Reporter	Title	Published	Views	Family All 118
Prion	Deserialization of untrusted data	2 Jan 201918:29	–	prion
Debian CVE	CVE-2018-14720	2 Jan 201918:29	–	debiancve
OSV	CVE-2018-14720	2 Jan 201918:29	–	osv
OSV	XML External Entity Reference (XXE) in jackson-databind	4 Jan 201919:09	–	osv
OSV	RHSA-2019:1107 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.1 on RHEL 6 security update	13 Sep 202416:54	–	osv
OSV	RHSA-2019:1108 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.1 on RHEL 7 security update	13 Sep 202416:54	–	osv
OSV	jackson-databind - security update	4 Mar 201900:00	–	osv
OSV	RHSA-2019:0782 Red Hat Security Advisory: rh-maven35-jackson-databind security update	13 Sep 202416:54	–	osv
OSV	jackson-databind - security update	24 May 201900:00	–	osv
OSV	jackson-databind vulnerabilities	15 Mar 202121:47	–	osv

Nvd

Node

fasterxml jackson-databindRange2.6.0–2.6.7.2

fasterxml jackson-databindRange2.7.0–2.7.9.5

fasterxml jackson-databindRange2.8.0–2.8.11.3

fasterxml jackson-databindRange2.9.0–2.9.7

fasterxml jackson-databindMatch2.7.0rc1

fasterxml jackson-databindMatch2.7.0rc2

fasterxml jackson-databindMatch2.7.0rc3

fasterxml jackson-databindMatch2.8.0rc1

fasterxml jackson-databindMatch2.8.0rc2

fasterxml jackson-databindMatch2.9.0pr1

fasterxml jackson-databindMatch2.9.0pr2

fasterxml jackson-databindMatch2.9.0pr3

fasterxml jackson-databindMatch2.9.0pr4

Node

debian debian_linuxMatch8.0

debian debian_linuxMatch9.0

Node

oracle banking_platformMatch2.5.0

oracle banking_platformMatch2.6.0

oracle banking_platformMatch2.6.1

oracle banking_platformMatch2.6.2

oracle communications_billing_and_revenue_managementMatch7.5

oracle communications_billing_and_revenue_managementMatch12.0

oracle enterprise_manager_for_virtualizationMatch13.2.2

oracle enterprise_manager_for_virtualizationMatch13.2.3

oracle enterprise_manager_for_virtualizationMatch13.3.1

oracle financial_services_analytical_applications_infrastructureMatch8.0.2

oracle financial_services_analytical_applications_infrastructureMatch8.0.3

oracle financial_services_analytical_applications_infrastructureMatch8.0.4

oracle financial_services_analytical_applications_infrastructureMatch8.0.5

oracle financial_services_analytical_applications_infrastructureMatch8.0.6

oracle financial_services_analytical_applications_infrastructureMatch8.0.7

oracle jdeveloperMatch12.1.3.0.0

oracle jdeveloperMatch12.2.1.3.0

oracle primavera_unifierRange17.1–17.12

oracle primavera_unifierMatch16.1

oracle primavera_unifierMatch16.2

oracle primavera_unifierMatch18.8

oracle retail_merchandising_systemMatch15.0

oracle retail_merchandising_systemMatch16.0

oracle webcenter_portalMatch12.2.1.3.0

Node

redhat jboss_enterprise_application_platformMatch7.2.0

redhat openshift_container_platformMatch3.11

Source	Link
github	www.github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44
github	www.github.com/FasterXML/jackson-databind/issues/2097
oracle	www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
lists	www.lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E
access	www.access.redhat.com/errata/RHBA-2019:0959
access	www.access.redhat.com/errata/RHSA-2019:3149
access	www.access.redhat.com/errata/RHSA-2019:1822
access	www.access.redhat.com/errata/RHSA-2019:1106
lists	www.lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
oracle	www.oracle.com/security-alerts/cpuapr2020.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

02 Jan 2019 18:29Current

9.4High risk

Vulners AI Score9.4

CVSS27.5

CVSS39.8

EPSS0.00452