Lucene search

CVE-2018-14718

🗓️ 02 Jan 2019 18:00:29Reported by [email protected]Type

FasterXML jackson-databind 2.x before 2.9.7 vulnerabilit

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 113
Debian CVE	CVE-2018-14718	2 Jan 201918:29	–	debiancve
Cvelist	CVE-2018-14718	2 Jan 201918:00	–	cvelist
Github Security Blog	Arbitrary Code Execution in jackson-databind	4 Jan 201919:06	–	github
OSV	Arbitrary Code Execution in jackson-databind	4 Jan 201919:06	–	osv
OSV	CVE-2018-14718	2 Jan 201918:29	–	osv
OSV	RHSA-2019:0782 Red Hat Security Advisory: rh-maven35-jackson-databind security update	13 Sep 202416:54	–	osv
OSV	jackson-databind - security update	4 Mar 201900:00	–	osv
OSV	jackson-databind - security update	24 May 201900:00	–	osv
OSV	jackson-databind vulnerabilities	15 Mar 202121:47	–	osv
Prion	Deserialization of untrusted data	2 Jan 201918:29	–	prion

Nvd

Node

fasterxml jackson-databindRange2.0.0–2.6.7.3

fasterxml jackson-databindRange2.7.0–2.7.9.5

fasterxml jackson-databindRange2.8.0–2.8.11.3

fasterxml jackson-databindRange2.9.0–2.9.7

Node

debian debian_linuxMatch8.0

debian debian_linuxMatch9.0

Node

oracle banking_platformMatch2.5.0

oracle banking_platformMatch2.6.0

oracle banking_platformMatch2.6.1

oracle banking_platformMatch2.6.2

oracle business_process_management_suiteMatch12.1.3.0.0

oracle business_process_management_suiteMatch12.2.1.3.0

oracle communications_billing_and_revenue_managementMatch7.5

oracle communications_billing_and_revenue_managementMatch12.0

oracle communications_instant_messaging_serverMatch10.0.1.3.0

oracle enterprise_manager_for_virtualizationMatch13.2.2

oracle enterprise_manager_for_virtualizationMatch13.2.3

oracle enterprise_manager_for_virtualizationMatch13.3.1

oracle financial_services_analytical_applications_infrastructureMatch8.0.2

oracle financial_services_analytical_applications_infrastructureMatch8.0.3

oracle financial_services_analytical_applications_infrastructureMatch8.0.4

oracle financial_services_analytical_applications_infrastructureMatch8.0.5

oracle financial_services_analytical_applications_infrastructureMatch8.0.6

oracle financial_services_analytical_applications_infrastructureMatch8.0.7

oracle global_lifecycle_management_opatchRange<11.2.0.3.23

oracle global_lifecycle_management_opatchRange12.2.0.1.0–12.2.0.1.19

oracle global_lifecycle_management_opatchRange13.9.4.0.0–13.9.4.2.1

oracle jd_edwards_enterpriseone_orchestratorMatch9.2

oracle jd_edwards_enterpriseone_toolsMatch9.2

oracle jdeveloperMatch12.1.3.0.0

oracle jdeveloperMatch12.2.1.3.0

oracle nosql_databaseRange<19.3.12

oracle nosql_databaseMatch19.3.12

oracle primavera_p6_enterprise_project_portfolio_managementRange17.7–17.12

oracle primavera_p6_enterprise_project_portfolio_managementMatch15.1

oracle primavera_p6_enterprise_project_portfolio_managementMatch15.2

oracle primavera_p6_enterprise_project_portfolio_managementMatch16.1

oracle primavera_p6_enterprise_project_portfolio_managementMatch16.2

oracle primavera_p6_enterprise_project_portfolio_managementMatch18.8

oracle primavera_unifierRange17.7–17.12

oracle primavera_unifierMatch16.1

oracle primavera_unifierMatch16.2

oracle primavera_unifierMatch18.8

oracle retail_customer_management_and_segmentation_foundationMatch17.0

oracle retail_merchandising_systemMatch15.0

oracle retail_merchandising_systemMatch16.0

oracle retail_workforce_management_softwareMatch1.60.9.0.0

oracle siebel_engineering_-_installer_&_deploymentRange≤19.8

oracle siebel_ui_frameworkRange≤19.10

oracle webcenter_portalMatch12.2.1.3.0

Node

netapp oncommand_workflow_automationMatch-

netapp snapcenterMatch-

netapp steelstore_cloud_integrated_storageMatch-

Node

redhat openshift_container_platformRange3.11–3.11.153

redhat openshift_container_platformRange4.6–4.6.26

redhat openshift_container_platformMatch3.10

Node

redhat openshift_container_platformRange4.1–4.1.18

AND

redhat enterprise_linuxMatch7.0

Source	Link
lists	www.lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
seclists	www.seclists.org/bugtraq/2019/May/68
access	www.access.redhat.com/errata/RHSA-2019:1782
github	www.github.com/FasterXML/jackson-databind/issues/2097
oracle	www.oracle.com/security-alerts/cpujan2020.html
access	www.access.redhat.com/errata/RHSA-2019:1797
github	www.github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44
lists	www.lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
oracle	www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
access	www.access.redhat.com/errata/RHSA-2019:3892

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

02 Jan 2019 18:29Current

9.7High risk

Vulners AI Score9.7

CVSS27.5

CVSS39.8

EPSS0.14747

CWE-502