ID CVE-2019-17267
Summary A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.
References
Vulnerable Configurations
  • cpe:2.3:a:fasterxml:jackson-databind:2.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.8.2:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.8.4:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.8.5:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.8.6:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.8.6:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.8.7:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.8.7:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.8.8:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.8.8:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.8.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.8.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.8.9:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.8.9:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.8.10:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.8.10:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.8.11:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.8.11:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.8.11.1:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.8.11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.8.11.2:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.8.11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.8.11.3:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.8.11.3:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.8.11.4:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.8.11.4:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.9.0:-:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.9.0:-:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.9.0:prerelease1:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.9.0:prerelease1:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.9.0:prerelease2:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.9.0:prerelease2:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.9.0:prerelease3:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.9.0:prerelease3:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.9.0:prerelease4:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.9.0:prerelease4:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.9.5:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.9.6:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.9.6:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.9.7:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.9.7:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.9.8:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.9.8:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.9.9:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.9.9:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.9.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.9.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.9.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.9.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.9.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.9.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:fasterxml:jackson-databind:2.9.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:fasterxml:jackson-databind:2.9.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:active_iq_unified_manager:7.3:*:*:*:*:linux:*:*
    cpe:2.3:a:netapp:active_iq_unified_manager:7.3:*:*:*:*:linux:*:*
  • cpe:2.3:a:netapp:active_iq_unified_manager:9.6:*:*:*:*:linux:*:*
    cpe:2.3:a:netapp:active_iq_unified_manager:9.6:*:*:*:*:linux:*:*
  • cpe:2.3:a:netapp:active_iq_unified_manager:7.3:*:*:*:*:windows:*:*
    cpe:2.3:a:netapp:active_iq_unified_manager:7.3:*:*:*:*:windows:*:*
  • cpe:2.3:a:netapp:active_iq_unified_manager:9.5:*:*:*:*:windows:*:*
    cpe:2.3:a:netapp:active_iq_unified_manager:9.5:*:*:*:*:windows:*:*
  • cpe:2.3:a:netapp:active_iq_unified_manager:9.6:*:*:*:*:windows:*:*
    cpe:2.3:a:netapp:active_iq_unified_manager:9.6:*:*:*:*:windows:*:*
  • cpe:2.3:a:netapp:active_iq_unified_manager:9.5:*:*:*:*:vmware_vsphere:*:*
    cpe:2.3:a:netapp:active_iq_unified_manager:9.5:*:*:*:*:vmware_vsphere:*:*
  • cpe:2.3:a:netapp:oncommand_api_services:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:oncommand_api_services:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:service_level_manager:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:service_level_manager:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:customer_management_and_segmentation_foundation:*:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:customer_management_and_segmentation_foundation:*:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 22-02-2021 - 21:39)
Impact:
Exploitability:
CWE CWE-502
CAPEC
  • Object Injection
    An adversary attempts to exploit an application by injecting additional, malicious content during its processing of serialized objects. Developers leverage serialization in order to convert data or state into a static, binary format for saving to disk or transferring over a network. These objects are then deserialized when needed to recover the data/state. By injecting a malformed object into a vulnerable application, an adversary can potentially compromise the application by manipulating the deserialization process. This can result in a number of unwanted outcomes, including remote code execution.
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • rhsa
    id RHSA-2019:3200
  • rhsa
    id RHSA-2020:0159
  • rhsa
    id RHSA-2020:0160
  • rhsa
    id RHSA-2020:0161
  • rhsa
    id RHSA-2020:0164
  • rhsa
    id RHSA-2020:0445
rpms
  • eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap
  • eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap
  • eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap
  • eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap
  • eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap
  • eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap
  • eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap
  • eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap
  • eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap
  • eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap
  • eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap
  • eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap
  • eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap
  • eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap
  • eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap
  • eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap
  • eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap
  • eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap
  • eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap
  • eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap
  • eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap
  • eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap
  • eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap
  • eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap
  • eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap
  • eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap
  • eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap
  • eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap
  • eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap
  • eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap
  • eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap
  • eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap
  • eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap
  • eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap
  • eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap
  • eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap
  • eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap
  • eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap
  • eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap
  • eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap
  • eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap
  • eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap
  • eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap
  • eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap
  • eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap
  • eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap
  • eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap
  • eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap
  • eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap
  • eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap
  • eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap
  • eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap
  • eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap
  • eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap
  • eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap
  • eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap
  • eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap
  • eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap
  • eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap
  • eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap
  • eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap
  • eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap
  • eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap
  • eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap
  • eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap
  • eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap
  • eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap
  • eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap
  • eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap
  • eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap
  • eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap
  • eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap
  • eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap
  • eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap
  • eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap
  • eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap
  • eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap
  • eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap
  • eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap
  • eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap
  • eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap
  • eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap
  • eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap
  • eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap
  • eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap
  • eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap
  • eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap
  • eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap
  • eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap
  • eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap
  • eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap
  • eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap
  • eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap
  • eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap
  • eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap
  • eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap
  • eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap
  • eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap
  • eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap
  • eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap
  • eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap
  • eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap
  • eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap
  • eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap
  • eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap
  • eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap
  • eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap
  • eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap
  • eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap
  • eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap
  • eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap
  • eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap
  • eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap
  • eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap
  • eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap
  • eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap
  • eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap
  • eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap
  • eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap
  • eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap
  • eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap
  • eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap
  • eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap
  • eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap
  • eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap
  • eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap
  • eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap
  • eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap
  • eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap
  • eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap
  • eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap
  • eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap
  • eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap
  • eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap
  • eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap
  • eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap
  • eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap
  • eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap
  • eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap
  • eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap
  • eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap
  • eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap
  • eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap
  • eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap
  • eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap
  • eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap
  • eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap
  • eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap
  • eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap
  • eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap
  • eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap
  • eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap
  • eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap
  • eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap
  • eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap
  • eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap
  • eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap
  • eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap
refmap via4
confirm https://security.netapp.com/advisory/ntap-20191017-0006/
misc
mlist
  • [bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image
  • [debian-lts-announce] 20191210 [SECURITY] [DLA 2030-1] jackson-databind security update
  • [drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities
  • [drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities
  • [drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities
  • [druid-commits] 20200115 [druid] branch 0.17.0 updated: Suppress CVE-2019-20330 for htrace-core-4.0.1 (#9189) (#9191)
  • [geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12
  • [skywalking-dev] 20200324 [CVE-2019-17267] Upgrade jackson-databind version to 2.9.10
Last major update 22-02-2021 - 21:39
Published 07-10-2019 - 00:15
Last modified 22-02-2021 - 21:39
Back to Top