Decision Manager Security Vulnerabilities and Issues — Decision Manager CVE List

Lucene search

RedhatDecision Manager

4 matches found

CVE•added 2019/01/02 6:29 p.m.•318 views

CVE-2018-19360

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.

9.8CVSS8.8AI score0.06777EPSS

CVE•added 2019/01/02 6:29 p.m.•300 views

CVE-2018-19361

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.

9.8CVSS8.8AI score0.04063EPSS

CVE•added 2020/03/02 5:15 p.m.•205 views

CVE-2019-14892

A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.

9.8CVSS9.4AI score0.00873EPSS

CVE•added 2019/01/02 6:29 p.m.•179 views

CVE-2018-19362

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.

9.8CVSS8.8AI score0.06777EPSS