Lucene search

CVE-2019-10202

🗓️ 12 Oct 2019 02:16:27Reported by redhat.comType

A series of deserialization vulnerabilities found in Codehaus 1.9.x in EAP 7. CVE-2019-10202 addresses multiple previous CVEs by implementing a whitelist approach

Reporter	Title	Published	Views	Family All 199
Github Security Blog	Deserialization of Untrusted Data in org.codehaus.jackson:jackson-mapper-asl	24 May 202216:57	–	github
Github Security Blog	Deserialization of Untrusted Data in jackson-databind	30 Jun 202020:40	–	github
Github Security Blog	jackson-databind vulnerable to remote code execution due to incorrect deserialization and blocklist bypass	18 Oct 201817:42	–	github
Github Security Blog	jackson-databind vulnerable to deserialization flaw leading to unauthenticated remote code execution	18 Oct 201817:42	–	github
Github Security Blog	FasterXML jackson-databind allows unauthenticated remote code execution	16 Oct 201817:45	–	github
Github Security Blog	Moderate severity vulnerability that affects com.fasterxml.jackson.datatype:jackson-datatype-jsr353	21 Dec 201817:46	–	github
Github Security Blog	Information exposure in FasterXML jackson-databind	23 May 201909:32	–	github
NVD	CVE-2019-10202	1 Oct 201915:15	–	nvd
NVD	CVE-2018-5968	22 Jan 201804:29	–	nvd
NVD	CVE-2018-7489	26 Feb 201815:29	–	nvd

Source	Link
cve	www.cve.org/CVERecord
nvd	www.nvd.nist.gov/vuln/detail/CVE-2019-10202
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

12 Oct 2019 02:27Current

2.7Low risk

Vulners AI Score2.7

EPSS0.82412