Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2018-14719

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

OWASP TOP 10:

Software From Fixed in
fasterxml / jackson-databind 2.7.0 2.7.9.5
fasterxml / jackson-databind 2.8.0 2.8.11.3
fasterxml / jackson-databind 2.9.0 2.9.7
debian / debian_linux 8.0 8.0.x
debian / debian_linux 9.0 9.0.x
oracle / primavera_unifier 16.2 16.2.x
oracle / primavera_p6_enterprise_project_portfolio_management 16.2 16.2.x
oracle / primavera_p6_enterprise_project_portfolio_management 15.1 15.1.x
oracle / database_server 12.1.0.2 12.1.0.2.x
oracle / banking_platform 2.5.0 2.5.0.x
oracle / primavera_unifier 16.1 16.1.x
oracle / database_server 11.2.0.4 11.2.0.4.x
oracle / primavera_p6_enterprise_project_portfolio_management 16.1 16.1.x
oracle / jdeveloper 12.1.3.0.0 12.1.3.0.0.x
oracle / primavera_p6_enterprise_project_portfolio_management 15.2 15.2.x
oracle / retail_merchandising_system 16.0 16.0.x
oracle / webcenter_portal 12.2.1.3.0 12.2.1.3.0.x
oracle / database_server 12.2.0.1 12.2.0.1.x
oracle / business_process_management_suite 12.1.3.0.0 12.1.3.0.0.x
oracle / business_process_management_suite 12.2.1.3.0 12.2.1.3.0.x
oracle / primavera_p6_enterprise_project_portfolio_management 17.7 17.12.x
oracle / primavera_p6_enterprise_project_portfolio_management 18.8 18.8.x
oracle / database_server 18c 18c.x
oracle / communications_billing_and_revenue_management 7.5 7.5.x
oracle / communications_billing_and_revenue_management 12.0 12.0.x
oracle / financial_services_analytical_applications_infrastructure 8.0.2 8.0.2.x
oracle / financial_services_analytical_applications_infrastructure 8.0.3 8.0.3.x
oracle / financial_services_analytical_applications_infrastructure 8.0.4 8.0.4.x
oracle / financial_services_analytical_applications_infrastructure 8.0.5 8.0.5.x
oracle / financial_services_analytical_applications_infrastructure 8.0.6 8.0.6.x
oracle / financial_services_analytical_applications_infrastructure 8.0.7 8.0.7.x
oracle / banking_platform 2.6.0 2.6.0.x
oracle / banking_platform 2.6.1 2.6.1.x
oracle / banking_platform 2.6.2 2.6.2.x
oracle / enterprise_manager_for_virtualization 13.2.2 13.2.2.x
oracle / enterprise_manager_for_virtualization 13.2.3 13.2.3.x
oracle / enterprise_manager_for_virtualization 13.3.1 13.3.1.x
oracle / primavera_unifier 18.8 18.8.x
oracle / database_server 19c 19c.x
oracle / jdeveloper 12.2.1.3.0 12.2.1.3.0.x
oracle / retail_workforce_management_software 1.60.9.0.0 1.60.9.0.0.x
oracle / primavera_unifier 17.7 17.12.x
oracle / retail_merchandising_system 15.0 15.0.x
oracle / clusterware 12.1.0.2.0 12.1.0.2.0.x
oracle / global_lifecycle_management_opatch - 11.2.0.3.23
oracle / global_lifecycle_management_opatch 12.2.0.1.0 12.2.0.1.19
oracle / global_lifecycle_management_opatch 13.9.4.0.0 13.9.4.2.1
redhat / openshift_container_platform 4.6 4.6.26
redhat / openshift_container_platform 3.11 3.11.153
redhat / openshift_container_platform 4.1 4.1.18
netapp / steelstore_cloud_integrated_storage - -
com.fasterxml.jackson.core / jackson-databind 2.9.0 2.9.7
com.fasterxml.jackson.core / jackson-databind 2.8.0 2.8.11.3
com.fasterxml.jackson.core / jackson-databind 2.0.0 2.7.9.5
fasterxml / jackson-databind 2.0.0 2.6.7.3