Lucene search
Redhat.comRH:CVE-2019-14892HistoryApr 07, 2020 - 5:14 p.m.
CVE-2019-14892
2020-04-0717:14:53
redhat.com
access.redhat.com
24
0.004 Low
EPSS
Percentile
73.4%
A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.
Related
osv
osv
CVE-2019-14892
2020-03-02 17:15:17
Polymorphic deserialization of malicious object in jackson-databind
2020-05-15 18:58:58
prion
prion
Deserialization of untrusted data
2020-03-02 17:15:00
nvd
nvd
CVE-2019-14892
2020-03-02 17:15:17
cve
cve
CVE-2019-14892
2020-03-02 17:15:17
github
github
Polymorphic deserialization of malicious object in jackson-databind
2020-05-15 18:58:58
ubuntucve
ubuntucve
CVE-2019-14892
2020-03-02 00:00:00
debiancve
debiancve
CVE-2019-14892
2020-03-02 17:15:17
cvelist
cvelist
CVE-2019-14892
2020-03-02 16:28:40
veracode
veracode
Remote Code Execution
2019-11-21 02:29:26
ibm
ibm
Security Bulletin: jackson-databind (Publicly disclosed vulnerability) found in Network Performance Insight (CVE-2019-14892, CVE-2019-14893)
2020-08-04 19:14:01
redhat
redhat
(RHSA-2020:0729) Important: Red Hat Data Grid 7.3.5 security update
2020-03-05 13:05:49
(RHSA-2020:0895) Moderate: Red Hat Process Automation Manager 7.7.0 Security Update
2020-03-18 14:45:02
(RHSA-2020:0899) Important: Red Hat Decision Manager 7.7.0 Security Update
2020-03-18 17:30:04
nessus
nessus
RHEL 8 : opendaylight (Unpatched Vulnerability)
2024-06-03 00:00:00
hp
hp
HP Device Manager Security Updates
2023-10-20 00:00:00