Lucene search
RedHatRHSA-2019:4192HistoryDec 10, 2019 - 3:26 p.m.
(RHSA-2019:4192) Important: rh-maven35-jackson-databind security update
2019-12-1015:26:25
access.redhat.com
19
0.007 Low
EPSS
Percentile
80.2%
The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API.
Security Fix(es):
- jackson-databind: polymorphic typing issue when enabling default typing for an externally exposed JSON endpoint and having apache-log4j-extra in the classpath leads to code execution (CVE-2019-17531)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | noarch | rh-maven35-jackson-databind | <ย 2.7.6-2.8.el7 | rh-maven35-jackson-databind-2.7.6-2.8.el7.noarch.rpm |
| RedHat | 7 | noarch | rh-maven35-jackson-databind-javadoc | <ย 2.7.6-2.8.el7 | rh-maven35-jackson-databind-javadoc-2.7.6-2.8.el7.noarch.rpm |
Related
debiancve
debiancve
CVE-2019-17531
2019-10-12 21:15:08
nessus
nessus
RHEL 7 : rh-maven35-jackson-databind (RHSA-2019:4192)
2024-04-28 00:00:00
Debian DLA-2030-1 : jackson-databind security update
2019-12-12 00:00:00
Oracle WebCenter Portal Multiple Vulnerabilities (Jul 2020 CPU)
2020-07-16 00:00:00
osv
osv
jackson-databind polymorphic typing issue
2019-11-13 00:32:38
CVE-2019-17531
2019-10-12 21:15:08
jackson-databind - security update
2019-12-10 00:00:00
symantec
symantec
ubuntucve
ubuntucve
CVE-2019-17531
2019-10-12 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2019-10-14 05:13:49
cvelist
cvelist
CVE-2019-17531
2019-10-12 20:07:34
redhatcve
redhatcve
CVE-2019-17531
2020-04-09 10:09:52
github
github
jackson-databind polymorphic typing issue
2019-11-13 00:32:38
nvd
nvd
CVE-2019-17531
2019-10-12 21:15:08
ibm
ibm
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in FasterXML jackson-databind
2019-12-20 08:47:33
prion
prion
Design/Logic Flaw
2019-10-12 21:15:00
cve
cve
CVE-2019-17531
2019-10-12 21:15:08
debian
debian
[SECURITY] [DLA 2030-1] jackson-databind security update
2019-12-10 18:54:11
f5
f5
openvas
openvas
Debian: Security Advisory (DLA-2030-1)
2019-12-11 00:00:00
Mageia: Security Advisory (MGASA-2021-0153)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-4813-1)
2023-01-27 00:00:00
almalinux
almalinux
oraclelinux
oraclelinux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
2020-05-05 00:00:00
cloudfoundry
cloudfoundry
redhat
redhat
rocky
rocky
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
2020-04-28 09:00:20
qualysblog
qualysblog
Oracle Patch Tuesday, July 2023 Security Update Review
2023-07-19 15:56:06
mageia
mageia
Updated jackson-databind packages fix security vulnerabilities
2021-03-27 17:27:02
ubuntu
ubuntu
Jackson Databind vulnerabilities
2021-03-15 00:00:00
hp
hp
HP Device Manager Security Updates
2023-10-20 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2021
2021-07-20 00:00:00
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00
Oracle Critical Patch Update Advisory - January 2020
2020-01-14 00:00:00