Lucene search
GoogleOSV:RLSA-2019:2720HistorySep 10, 2019 - 3:32 p.m.
Important: pki-deps:10.6 security update
2019-09-1015:32:49
Google
osv.dev
8
The Public Key Infrastructure (PKI) Deps module contains fundamental packages required as dependencies for the pki-core module by Rocky Enterprise Software Foundation Certificate System.
Security Fix(es):
- jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Related
redhat
redhat
(RHSA-2019:1820) Important: rh-maven35-jackson-databind security update
2019-07-22 13:08:59
(RHSA-2019:2720) Important: pki-deps:10.6 security update
2019-09-10 15:32:49
(RHSA-2019:3292) Important: Red Hat Decision Manager 7.5.0 Security Update
2019-10-31 17:24:46
oraclelinux
oraclelinux
pki-deps:10.6 security update
2019-09-17 00:00:00
osv
osv
Important: pki-deps:10.6 security update
2019-09-10 15:32:49
Deserialization of Untrusted Data in FasterXML jackson-databind
2019-07-05 21:07:27
CVE-2019-12384
2019-06-24 16:15:15
github
github
Deserialization of Untrusted Data in FasterXML jackson-databind
2019-07-05 21:07:27
redhatcve
redhatcve
CVE-2019-12384
2021-08-22 13:11:23
rocky
rocky
pki-deps:10.6 security update
2019-09-10 15:32:49
githubexploit
githubexploit
Exploit for Deserialization of Untrusted Data in Fasterxml Jackson-Databind
2019-07-24 07:12:14
Exploit for Deserialization of Untrusted Data in Fasterxml Jackson-Databind
2019-07-26 03:24:38
cve
cve
CVE-2019-12384
2019-06-24 16:15:15
ubuntucve
ubuntucve
CVE-2019-12384
2019-06-24 00:00:00
nessus
nessus
CentOS 8 : pki-deps:10.6 (CESA-2019:2720)
2021-01-29 00:00:00
Oracle Linux 8 : pki-deps:10.6 (ELSA-2019-2720)
2023-09-07 00:00:00
RHEL 8 : pki-deps:10.6 (RHSA-2019:2720)
2019-09-16 00:00:00
prion
prion
Deserialization of untrusted data
2019-06-24 16:15:00
cvelist
cvelist
CVE-2019-12384
2019-06-24 15:34:08
almalinux
almalinux
Important: pki-deps:10.6 security update
2019-09-10 15:32:49
nvd
nvd
CVE-2019-12384
2019-06-24 16:15:15
veracode
veracode
Unsafe Deserialization
2019-06-14 03:58:32
debiancve
debiancve
CVE-2019-12384
2019-06-24 16:15:15
debian
debian
[SECURITY] [DLA 1831-1] jackson-databind security update
2019-06-21 15:09:36
[SECURITY] [DSA 4542-1] jackson-databind security update
2019-10-06 08:28:37
[SECURITY] [DSA 4542-1] jackson-databind security update
2019-10-06 08:28:37
openvas
openvas
Debian: Security Advisory (DLA-1831-1)
2019-06-22 00:00:00
Fedora Update for jackson-core FEDORA-2019-fb23eccc03
2019-09-23 00:00:00
Fedora Update for jackson-databind FEDORA-2019-99ff6aa32c
2020-01-09 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: jackson-bom-2.9.9-1.fc31
2019-09-18 00:07:22
[SECURITY] Fedora 31 Update: jackson-core-2.9.9-1.fc31
2019-09-18 00:07:22
[SECURITY] Fedora 31 Update: jackson-annotations-2.9.9-1.fc31
2019-09-18 00:07:21
ibm
ibm
mageia
mageia
Updated jackson-databind packages fix security vulnerabilities
2021-03-27 17:27:02
ubuntu
ubuntu
Jackson Databind vulnerabilities
2021-03-15 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2019
2020-01-22 00:00:00
Oracle Critical Patch Update Advisory - January 2020
2020-01-14 00:00:00
Oracle Critical Patch Update Advisory - July 2020
2020-07-14 00:00:00