Package Instance

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17531.json

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17531.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-17531

reference_id

reference_type

scores

value	0.0119
scoring_system	epss
scoring_elements	0.78823
published_at	2026-04-13T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.7882
published_at	2026-04-08T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78794
published_at	2026-04-07T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78812
published_at	2026-04-04T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.7878
published_at	2026-04-02T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78773
published_at	2026-04-01T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78826
published_at	2026-04-09T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.7885
published_at	2026-04-11T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78833
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-17531

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17531
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17531

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/b5a304a98590b6bb766134f9261e6566dcbbb6d0

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/b5a304a98590b6bb766134f9261e6566dcbbb6d0

reference_url

https://github.com/FasterXML/jackson-databind/issues/2498

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2498

reference_url

https://lists.apache.org/thread.html/b3c90d38f99db546de60fea65f99a924d540fae2285f014b79606ca5@%3Ccommits.pulsar.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b3c90d38f99db546de60fea65f99a924d540fae2285f014b79606ca5@%3Ccommits.pulsar.apache.org%3E

reference_url	https://lists.apache.org/thread.html/b3c90d38f99db546de60fea65f99a924d540fae2285f014b79606ca5%40%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/b3c90d38f99db546de60fea65f99a924d540fae2285f014b79606ca5%40%3Ccommits.pulsar.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f%40%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f%40%3Ccommits.druid.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html

reference_url	https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
reference_id
reference_type
scores
url	https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_url

https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-17531

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-17531

reference_url

https://security.netapp.com/advisory/ntap-20191024-0005

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20191024-0005

reference_url	https://security.netapp.com/advisory/ntap-20191024-0005/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20191024-0005/

reference_url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1775293
reference_id	1775293
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1775293

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
reference_id	cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
reference_id	cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.1:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.7.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.7.1:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.9.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_calendar_server:8.0.0.2.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_calendar_server:8.0.0.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_calendar_server:8.0.0.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_calendar_server:8.0.0.3.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_calendar_server:8.0.0.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_calendar_server:8.0.0.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:12.2.1.4.0:::::::*
reference_id	cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:12.2.1.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:12.2.1.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:13.9.4.2.2:::::::*
reference_id	cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:13.9.4.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:13.9.4.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:::::::*
reference_id	cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2:::::::*
reference_id	cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:::::::*
reference_id	cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway::::::::
reference_id	cpe:2.3:a:oracle:primavera_gateway::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:16.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_gateway:16.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:16.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:16.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_gateway:16.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:16.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:19.12.0:::::::*
reference_id	cpe:2.3:a:oracle:primavera_gateway:19.12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:19.12.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:15.0.3:::::::*
reference_id	cpe:2.3:a:oracle:retail_merchandising_system:15.0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:15.0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:16.0.2:::::::*
reference_id	cpe:2.3:a:oracle:retail_merchandising_system:16.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:16.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:16.0.3:::::::*
reference_id	cpe:2.3:a:oracle:retail_merchandising_system:16.0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:16.0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_sales_audit:14.1:::::::*
reference_id	cpe:2.3:a:oracle:retail_sales_audit:14.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_sales_audit:14.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:siebel_engineering_-_installer_\&_deployment::::::::
reference_id	cpe:2.3:a:oracle:siebel_engineering_-_installer_\&_deployment::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:siebel_engineering_-_installer_\&_deployment::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:trace_file_analyzer:12.2.0.1:::::::*
reference_id	cpe:2.3:a:oracle:trace_file_analyzer:12.2.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:trace_file_analyzer:12.2.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:trace_file_analyzer:18c:::::::*
reference_id	cpe:2.3:a:oracle:trace_file_analyzer:18c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:trace_file_analyzer:18c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:trace_file_analyzer:19c:::::::*
reference_id	cpe:2.3:a:oracle:trace_file_analyzer:19c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:trace_file_analyzer:19c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*
reference_id	cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*
reference_id	cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*
reference_id	cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:8.0:::::::*

reference_url

https://github.com/advisories/GHSA-gjmw-vf9h-g25v

reference_id

GHSA-gjmw-vf9h-g25v

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-gjmw-vf9h-g25v

reference_url	https://access.redhat.com/errata/RHSA-2020:0895
reference_id	RHSA-2020:0895
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0895

reference_url	https://access.redhat.com/errata/RHSA-2020:0899
reference_id	RHSA-2020:0899
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0899

reference_url	https://access.redhat.com/errata/RHSA-2020:0939
reference_id	RHSA-2020:0939
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0939

reference_url	https://access.redhat.com/errata/RHSA-2020:1644
reference_id	RHSA-2020:1644
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1644

reference_url	https://access.redhat.com/errata/RHSA-2020:2067
reference_id	RHSA-2020:2067
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2067

reference_url	https://access.redhat.com/errata/RHSA-2020:2333
reference_id	RHSA-2020:2333
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2333

reference_url	https://access.redhat.com/errata/RHSA-2020:3192
reference_id	RHSA-2020:3192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3192

reference_url	https://access.redhat.com/errata/RHSA-2024:5856
reference_id	RHSA-2024:5856
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5856

reference_url	https://usn.ubuntu.com/USN-4813-1/
reference_id	USN-USN-4813-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4813-1/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.1

aliases CVE-2019-17531, GHSA-gjmw-vf9h-g25v

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-16af-yv1z-xufy

url VCID-2x39-rsxh-rkgw

vulnerability_id VCID-2x39-rsxh-rkgw

summary

Deserialization of Untrusted Data
FasterXML jackson-databind might allow attackers to have unspecified impact by leveraging failure to block the `jboss-common-core` class from polymorphic deserialization.

references

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19362.json

reference_url

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19362.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19362

reference_id

reference_type

scores

value	0.04124
scoring_system	epss
scoring_elements	0.88635
published_at	2026-04-13T12:55:00Z

value	0.04124
scoring_system	epss
scoring_elements	0.88579
published_at	2026-04-01T12:55:00Z

value	0.04124
scoring_system	epss
scoring_elements	0.88588
published_at	2026-04-02T12:55:00Z

value	0.04124
scoring_system	epss
scoring_elements	0.88606
published_at	2026-04-04T12:55:00Z

value	0.04124
scoring_system	epss
scoring_elements	0.88631
published_at	2026-04-09T12:55:00Z

value	0.04124
scoring_system	epss
scoring_elements	0.88642
published_at	2026-04-11T12:55:00Z

value	0.04124
scoring_system	epss
scoring_elements	0.88607
published_at	2026-04-07T12:55:00Z

value	0.04124
scoring_system	epss
scoring_elements	0.88626
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086

reference_url

https://github.com/advisories/GHSA-c8hm-7hpq-7jhg

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-c8hm-7hpq-7jhg

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b

reference_url

https://github.com/FasterXML/jackson-databind/commit/72cd4025a229fb28ec133235003dd4616f70afaa

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/72cd4025a229fb28ec133235003dd4616f70afaa

reference_url

https://github.com/FasterXML/jackson-databind/issues/2186

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2186

reference_url

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8

reference_url

https://issues.apache.org/jira/browse/TINKERPOP-2121

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/TINKERPOP-2121

reference_url

https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E

reference_url	https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3%40%3Cdevnull.infra.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3%40%3Cdevnull.infra.apache.org%3E

reference_url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E

reference_url	https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E

reference_url

https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E

reference_url	https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c%40%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c%40%3Ccommits.pulsar.apache.org%3E

reference_url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E

reference_url	https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190530-0003

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190530-0003

reference_url	https://security.netapp.com/advisory/ntap-20190530-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190530-0003/

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-19362

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1666489
reference_id	1666489
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1666489

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:::::::*
reference_id	cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management::::::::
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier::::::::
reference_id	cpe:2.3:a:oracle:primavera_unifier::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_workforce_management_software:1.60.9.0.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_workforce_management_software:1.60.9.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_workforce_management_software:1.60.9.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:automation_manager:7.3.1:::::::*
reference_id	cpe:2.3:a:redhat:automation_manager:7.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:automation_manager:7.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:decision_manager:7.3.1:::::::*
reference_id	cpe:2.3:a:redhat:decision_manager:7.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:decision_manager:7.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_bpm_suite:6.4.11:::::::*
reference_id	cpe:2.3:a:redhat:jboss_bpm_suite:6.4.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_bpm_suite:6.4.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_brms:6.4.10:::::::*
reference_id	cpe:2.3:a:redhat:jboss_brms:6.4.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_brms:6.4.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

reference_id

CVE-2018-19362

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-19362

reference_url	https://access.redhat.com/errata/RHSA-2020:2564
reference_id	RHSA-2020:2564
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2564

reference_url	https://access.redhat.com/errata/RHSA-2021:1230
reference_id	RHSA-2021:1230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1230

reference_url	https://access.redhat.com/errata/RHSA-2021:1515
reference_id	RHSA-2021:1515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1515

reference_url	https://usn.ubuntu.com/USN-4813-1/
reference_id	USN-USN-4813-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4813-1/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8

aliases CVE-2018-19362, GHSA-c8hm-7hpq-7jhg

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2x39-rsxh-rkgw

url VCID-56sb-829v-6qbz

vulnerability_id VCID-56sb-829v-6qbz

summary

Information Disclosure
A Polymorphic Typing issue was discovered in FasterXML jackson-databind. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has JDOM in the classpath, an attacker can send a specifically crafted JSON message that allows them to read arbitrary local files on the server.

references

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://access.redhat.com/errata/RHSA-2019:2935

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://access.redhat.com/errata/RHSA-2019:2935

reference_url

https://access.redhat.com/errata/RHSA-2019:2936

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://access.redhat.com/errata/RHSA-2019:2936

reference_url

https://access.redhat.com/errata/RHSA-2019:2937

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://access.redhat.com/errata/RHSA-2019:2937

reference_url

https://access.redhat.com/errata/RHSA-2019:2938

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://access.redhat.com/errata/RHSA-2019:2938

reference_url

https://access.redhat.com/errata/RHSA-2019:3044

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://access.redhat.com/errata/RHSA-2019:3044

reference_url

https://access.redhat.com/errata/RHSA-2019:3045

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://access.redhat.com/errata/RHSA-2019:3045

reference_url

https://access.redhat.com/errata/RHSA-2019:3046

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://access.redhat.com/errata/RHSA-2019:3046

reference_url

https://access.redhat.com/errata/RHSA-2019:3050

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://access.redhat.com/errata/RHSA-2019:3050

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://access.redhat.com/errata/RHSA-2019:3292

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://access.redhat.com/errata/RHSA-2019:3292

reference_url

https://access.redhat.com/errata/RHSA-2019:3297

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://access.redhat.com/errata/RHSA-2019:3297

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12814.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12814.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-12814

reference_id

reference_type

scores

value	0.18064
scoring_system	epss
scoring_elements	0.95149
published_at	2026-04-04T12:55:00Z

value	0.18064
scoring_system	epss
scoring_elements	0.95172
published_at	2026-04-13T12:55:00Z

value	0.18064
scoring_system	epss
scoring_elements	0.95151
published_at	2026-04-07T12:55:00Z

value	0.18064
scoring_system	epss
scoring_elements	0.95159
published_at	2026-04-08T12:55:00Z

value	0.18064
scoring_system	epss
scoring_elements	0.95163
published_at	2026-04-09T12:55:00Z

value	0.18064
scoring_system	epss
scoring_elements	0.95169
published_at	2026-04-11T12:55:00Z

value	0.18064
scoring_system	epss
scoring_elements	0.9517
published_at	2026-04-12T12:55:00Z

value	0.18339
scoring_system	epss
scoring_elements	0.95183
published_at	2026-04-01T12:55:00Z

value	0.18339
scoring_system	epss
scoring_elements	0.95195
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-12814

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12814

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/5f7c69bba07a7155adde130d9dee2e54a54f1fa5

reference_url

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/5f7c69bba07a7155adde130d9dee2e54a54f1fa5

reference_url

https://github.com/FasterXML/jackson-databind/issues/2341

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://github.com/FasterXML/jackson-databind/issues/2341

reference_url

https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/129da0204c876f746636018751a086cc581e0e07bcdeb3ee22ff5731@%3Cdev.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/129da0204c876f746636018751a086cc581e0e07bcdeb3ee22ff5731@%3Cdev.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/15a55e1d837fa686db493137cc0330c7ee1089ed9a9eea7ae7151ef1@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/15a55e1d837fa686db493137cc0330c7ee1089ed9a9eea7ae7151ef1@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/1e04d9381c801b31ab28dec813c31c304b2a596b2a3707fa5462c5c0@%3Cnotifications.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/1e04d9381c801b31ab28dec813c31c304b2a596b2a3707fa5462c5c0@%3Cnotifications.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/28be28ffd6471d230943a255c36fe196a54ef5afc494a4781d16e37c@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/28be28ffd6471d230943a255c36fe196a54ef5afc494a4781d16e37c@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/2ff264b6a94c5363a35c4c88fa93216f60ec54d1d973ed6b76a9f560@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/2ff264b6a94c5363a35c4c88fa93216f60ec54d1d973ed6b76a9f560@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E

reference_url

https://lists.apache.org/thread.html/4b832d1327703d6b287a6d223307f8f884d798821209a10647e93324@%3Cnotifications.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/4b832d1327703d6b287a6d223307f8f884d798821209a10647e93324@%3Cnotifications.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9@%3Cdev.tomee.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9@%3Cdev.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319@%3Cdev.tomee.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319@%3Cdev.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1@%3Cdev.tomee.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1@%3Cdev.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/71f9ffd92410a889e27b95a219eaa843fd820f8550898633d85d4ea3@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/71f9ffd92410a889e27b95a219eaa843fd820f8550898633d85d4ea3@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b@%3Cdev.tomee.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b@%3Cdev.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/8fe2983f6d9fee0aa737e4bd24483f8f5cf9b938b9adad0c4e79b2a4@%3Cnotifications.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/8fe2983f6d9fee0aa737e4bd24483f8f5cf9b938b9adad0c4e79b2a4@%3Cnotifications.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/940b4c3fef002461b89a050935337056d4a036a65ef68e0bbd4621ef@%3Cdev.struts.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/940b4c3fef002461b89a050935337056d4a036a65ef68e0bbd4621ef@%3Cdev.struts.apache.org%3E

reference_url

https://lists.apache.org/thread.html/a3ae8a8c5e32c413cd27071d3a204166050bf79ce7f1299f6866338f@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/a3ae8a8c5e32c413cd27071d3a204166050bf79ce7f1299f6866338f@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/a62aa2706105d68f1c02023fe24aaa3c13b4d8a1826181fed07d9682@%3Cnotifications.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/a62aa2706105d68f1c02023fe24aaa3c13b4d8a1826181fed07d9682@%3Cnotifications.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/a78239b1f11cddfa86e4edee19064c40b6272214630bfef070c37957@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/a78239b1f11cddfa86e4edee19064c40b6272214630bfef070c37957@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b0a2b2cca072650dbd5882719976c3d353972c44f6736ddf0ba95209@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b0a2b2cca072650dbd5882719976c3d353972c44f6736ddf0ba95209@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b148fa2e9ef468c4de00de255dd728b74e2a97d935f8ced31eb41ba2@%3Cnotifications.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b148fa2e9ef468c4de00de255dd728b74e2a97d935f8ced31eb41ba2@%3Cnotifications.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E

reference_url

https://lists.apache.org/thread.html/bf20574dbc2db255f1fd489942b5720f675e32a2c4f44eb6a36060cd@%3Ccommits.accumulo.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/bf20574dbc2db255f1fd489942b5720f675e32a2c4f44eb6a36060cd@%3Ccommits.accumulo.apache.org%3E

reference_url

https://lists.apache.org/thread.html/e0733058c0366b703e6757d8d2a7a04b943581f659e9c271f0841dfe@%3Cnotifications.geode.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/e0733058c0366b703e6757d8d2a7a04b943581f659e9c271f0841dfe@%3Cnotifications.geode.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ee0a051428d2c719acfa297d0854a189ea5e284ef3ed491fa672f4be@%3Cdev.tomee.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ee0a051428d2c719acfa297d0854a189ea5e284ef3ed491fa672f4be@%3Cdev.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/eff7280055fc717ea8129cd28a9dd57b8446d00b36260c1caee10b87@%3Cnotifications.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/eff7280055fc717ea8129cd28a9dd57b8446d00b36260c1caee10b87@%3Cnotifications.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2019/06/msg00019.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.debian.org/debian-lts-announce/2019/06/msg00019.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OVRZDN2T6AZ6DJCZJ3VSIQIVHBVMVWBL

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OVRZDN2T6AZ6DJCZJ3VSIQIVHBVMVWBL

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXRVXNRFHJSQWFHPRJQRI5UPMZ63B544

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXRVXNRFHJSQWFHPRJQRI5UPMZ63B544

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UKUALE2TUCKEKOHE2D342PQXN4MWCSLC

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UKUALE2TUCKEKOHE2D342PQXN4MWCSLC

reference_url

https://security.netapp.com/advisory/ntap-20190625-0006

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190625-0006

reference_url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url

https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9%40%3Cdev.tomee.apache.org%3E

reference_id

0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9%40%3Cdev.tomee.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9%40%3Cdev.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/129da0204c876f746636018751a086cc581e0e07bcdeb3ee22ff5731%40%3Cdev.zookeeper.apache.org%3E

reference_id

129da0204c876f746636018751a086cc581e0e07bcdeb3ee22ff5731%40%3Cdev.zookeeper.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/129da0204c876f746636018751a086cc581e0e07bcdeb3ee22ff5731%40%3Cdev.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/15a55e1d837fa686db493137cc0330c7ee1089ed9a9eea7ae7151ef1%40%3Cissues.zookeeper.apache.org%3E

reference_id

15a55e1d837fa686db493137cc0330c7ee1089ed9a9eea7ae7151ef1%40%3Cissues.zookeeper.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/15a55e1d837fa686db493137cc0330c7ee1089ed9a9eea7ae7151ef1%40%3Cissues.zookeeper.apache.org%3E

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1725795
reference_id	1725795
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1725795

reference_url

https://lists.apache.org/thread.html/1e04d9381c801b31ab28dec813c31c304b2a596b2a3707fa5462c5c0%40%3Cnotifications.zookeeper.apache.org%3E

reference_id

1e04d9381c801b31ab28dec813c31c304b2a596b2a3707fa5462c5c0%40%3Cnotifications.zookeeper.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/1e04d9381c801b31ab28dec813c31c304b2a596b2a3707fa5462c5c0%40%3Cnotifications.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/28be28ffd6471d230943a255c36fe196a54ef5afc494a4781d16e37c%40%3Cissues.zookeeper.apache.org%3E

reference_id

28be28ffd6471d230943a255c36fe196a54ef5afc494a4781d16e37c%40%3Cissues.zookeeper.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/28be28ffd6471d230943a255c36fe196a54ef5afc494a4781d16e37c%40%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4%40%3Cdev.tomee.apache.org%3E

reference_id

2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4%40%3Cdev.tomee.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4%40%3Cdev.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/2ff264b6a94c5363a35c4c88fa93216f60ec54d1d973ed6b76a9f560%40%3Cissues.zookeeper.apache.org%3E

reference_id

2ff264b6a94c5363a35c4c88fa93216f60ec54d1d973ed6b76a9f560%40%3Cissues.zookeeper.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/2ff264b6a94c5363a35c4c88fa93216f60ec54d1d973ed6b76a9f560%40%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d%40%3Cdev.tomee.apache.org%3E

reference_id

34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d%40%3Cdev.tomee.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d%40%3Cdev.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592%40%3Ccommits.cassandra.apache.org%3E

reference_id

3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592%40%3Ccommits.cassandra.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592%40%3Ccommits.cassandra.apache.org%3E

reference_url

https://lists.apache.org/thread.html/4b832d1327703d6b287a6d223307f8f884d798821209a10647e93324%40%3Cnotifications.zookeeper.apache.org%3E

reference_id

4b832d1327703d6b287a6d223307f8f884d798821209a10647e93324%40%3Cnotifications.zookeeper.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/4b832d1327703d6b287a6d223307f8f884d798821209a10647e93324%40%3Cnotifications.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9%40%3Cdev.tomee.apache.org%3E

reference_id

56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9%40%3Cdev.tomee.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9%40%3Cdev.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319%40%3Cdev.tomee.apache.org%3E

reference_id

5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319%40%3Cdev.tomee.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319%40%3Cdev.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1%40%3Cdev.tomee.apache.org%3E

reference_id

5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1%40%3Cdev.tomee.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1%40%3Cdev.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/71f9ffd92410a889e27b95a219eaa843fd820f8550898633d85d4ea3%40%3Cissues.zookeeper.apache.org%3E

reference_id

71f9ffd92410a889e27b95a219eaa843fd820f8550898633d85d4ea3%40%3Cissues.zookeeper.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/71f9ffd92410a889e27b95a219eaa843fd820f8550898633d85d4ea3%40%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b%40%3Cdev.tomee.apache.org%3E

reference_id

87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b%40%3Cdev.tomee.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b%40%3Cdev.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/8fe2983f6d9fee0aa737e4bd24483f8f5cf9b938b9adad0c4e79b2a4%40%3Cnotifications.zookeeper.apache.org%3E

reference_id

8fe2983f6d9fee0aa737e4bd24483f8f5cf9b938b9adad0c4e79b2a4%40%3Cnotifications.zookeeper.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/8fe2983f6d9fee0aa737e4bd24483f8f5cf9b938b9adad0c4e79b2a4%40%3Cnotifications.zookeeper.apache.org%3E

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930750
reference_id	930750
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930750

reference_url

https://lists.apache.org/thread.html/a3ae8a8c5e32c413cd27071d3a204166050bf79ce7f1299f6866338f%40%3Cissues.zookeeper.apache.org%3E

reference_id

a3ae8a8c5e32c413cd27071d3a204166050bf79ce7f1299f6866338f%40%3Cissues.zookeeper.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/a3ae8a8c5e32c413cd27071d3a204166050bf79ce7f1299f6866338f%40%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/a62aa2706105d68f1c02023fe24aaa3c13b4d8a1826181fed07d9682%40%3Cnotifications.zookeeper.apache.org%3E

reference_id

a62aa2706105d68f1c02023fe24aaa3c13b4d8a1826181fed07d9682%40%3Cnotifications.zookeeper.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/a62aa2706105d68f1c02023fe24aaa3c13b4d8a1826181fed07d9682%40%3Cnotifications.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/a78239b1f11cddfa86e4edee19064c40b6272214630bfef070c37957%40%3Cissues.zookeeper.apache.org%3E

reference_id

a78239b1f11cddfa86e4edee19064c40b6272214630bfef070c37957%40%3Cissues.zookeeper.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/a78239b1f11cddfa86e4edee19064c40b6272214630bfef070c37957%40%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b0a2b2cca072650dbd5882719976c3d353972c44f6736ddf0ba95209%40%3Cissues.zookeeper.apache.org%3E

reference_id

b0a2b2cca072650dbd5882719976c3d353972c44f6736ddf0ba95209%40%3Cissues.zookeeper.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/b0a2b2cca072650dbd5882719976c3d353972c44f6736ddf0ba95209%40%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b148fa2e9ef468c4de00de255dd728b74e2a97d935f8ced31eb41ba2%40%3Cnotifications.zookeeper.apache.org%3E

reference_id

b148fa2e9ef468c4de00de255dd728b74e2a97d935f8ced31eb41ba2%40%3Cnotifications.zookeeper.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/b148fa2e9ef468c4de00de255dd728b74e2a97d935f8ced31eb41ba2%40%3Cnotifications.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/bf20574dbc2db255f1fd489942b5720f675e32a2c4f44eb6a36060cd%40%3Ccommits.accumulo.apache.org%3E

reference_id

bf20574dbc2db255f1fd489942b5720f675e32a2c4f44eb6a36060cd%40%3Ccommits.accumulo.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/bf20574dbc2db255f1fd489942b5720f675e32a2c4f44eb6a36060cd%40%3Ccommits.accumulo.apache.org%3E

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-12814

reference_id

CVE-2019-12814

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-12814

reference_url

https://lists.apache.org/thread.html/e0733058c0366b703e6757d8d2a7a04b943581f659e9c271f0841dfe%40%3Cnotifications.geode.apache.org%3E

reference_id

e0733058c0366b703e6757d8d2a7a04b943581f659e9c271f0841dfe%40%3Cnotifications.geode.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/e0733058c0366b703e6757d8d2a7a04b943581f659e9c271f0841dfe%40%3Cnotifications.geode.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ee0a051428d2c719acfa297d0854a189ea5e284ef3ed491fa672f4be%40%3Cdev.tomee.apache.org%3E

reference_id

ee0a051428d2c719acfa297d0854a189ea5e284ef3ed491fa672f4be%40%3Cdev.tomee.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/ee0a051428d2c719acfa297d0854a189ea5e284ef3ed491fa672f4be%40%3Cdev.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/eff7280055fc717ea8129cd28a9dd57b8446d00b36260c1caee10b87%40%3Cnotifications.zookeeper.apache.org%3E

reference_id

eff7280055fc717ea8129cd28a9dd57b8446d00b36260c1caee10b87%40%3Cnotifications.zookeeper.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.apache.org/thread.html/eff7280055fc717ea8129cd28a9dd57b8446d00b36260c1caee10b87%40%3Cnotifications.zookeeper.apache.org%3E

reference_url

https://github.com/advisories/GHSA-cmfg-87vq-g5g4

reference_id

GHSA-cmfg-87vq-g5g4

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-cmfg-87vq-g5g4

reference_url

https://security.netapp.com/advisory/ntap-20190625-0006/

reference_id

ntap-20190625-0006

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://security.netapp.com/advisory/ntap-20190625-0006/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OVRZDN2T6AZ6DJCZJ3VSIQIVHBVMVWBL/

reference_id

OVRZDN2T6AZ6DJCZJ3VSIQIVHBVMVWBL

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OVRZDN2T6AZ6DJCZJ3VSIQIVHBVMVWBL/

reference_url	https://access.redhat.com/errata/RHSA-2020:0983
reference_id	RHSA-2020:0983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0983

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TXRVXNRFHJSQWFHPRJQRI5UPMZ63B544/

reference_id

TXRVXNRFHJSQWFHPRJQRI5UPMZ63B544

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TXRVXNRFHJSQWFHPRJQRI5UPMZ63B544/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UKUALE2TUCKEKOHE2D342PQXN4MWCSLC/

reference_id

UKUALE2TUCKEKOHE2D342PQXN4MWCSLC

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:29:53Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UKUALE2TUCKEKOHE2D342PQXN4MWCSLC/

reference_url	https://usn.ubuntu.com/USN-4813-1/
reference_id	USN-USN-4813-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4813-1/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.6

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.6

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.4

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.4

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.9.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.9.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.9.1

aliases CVE-2019-12814, GHSA-cmfg-87vq-g5g4

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-56sb-829v-6qbz

url VCID-5r6v-ej7d-ubgv

vulnerability_id VCID-5r6v-ej7d-ubgv

summary An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload.

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12022.json

reference_url

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12022.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-12022

reference_id

reference_type

scores

value	0.03035
scoring_system	epss
scoring_elements	0.86665
published_at	2026-04-13T12:55:00Z

value	0.03035
scoring_system	epss
scoring_elements	0.86661
published_at	2026-04-09T12:55:00Z

value	0.03035
scoring_system	epss
scoring_elements	0.86675
published_at	2026-04-11T12:55:00Z

value	0.03035
scoring_system	epss
scoring_elements	0.86672
published_at	2026-04-12T12:55:00Z

value	0.03035
scoring_system	epss
scoring_elements	0.86603
published_at	2026-04-01T12:55:00Z

value	0.03035
scoring_system	epss
scoring_elements	0.86614
published_at	2026-04-02T12:55:00Z

value	0.03035
scoring_system	epss
scoring_elements	0.86633
published_at	2026-04-04T12:55:00Z

value	0.03035
scoring_system	epss
scoring_elements	0.86632
published_at	2026-04-07T12:55:00Z

value	0.03035
scoring_system	epss
scoring_elements	0.86652
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-12022

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1671098

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1671098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a

reference_url	https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226
reference_id
reference_type
scores
url	https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a

reference_url

https://github.com/FasterXML/jackson-databind/commit/7487cf7eb14be2f65a1eb108e8629c07ef45e0a

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/7487cf7eb14be2f65a1eb108e8629c07ef45e0a

reference_url

https://github.com/FasterXML/jackson-databind/commit/bf261d404c2f79fd3406237710d40ebb03c99d84

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/bf261d404c2f79fd3406237710d40ebb03c99d84

reference_url

https://github.com/FasterXML/jackson-databind/issues/2052

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2052

reference_url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E

reference_url	https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d%40%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d%40%3Cissues.lucene.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC

reference_url	https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
reference_id
reference_type
scores
url	https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_url

https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190530-0003

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190530-0003

reference_url	https://security.netapp.com/advisory/ntap-20190530-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190530-0003/

reference_url

https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE.pdf

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE.pdf

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url

http://www.securityfocus.com/bid/107585

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/107585

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1671097
reference_id	1671097
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1671097

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:::::::*
reference_id	cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:automation_manager:7.3.1:::::::*
reference_id	cpe:2.3:a:redhat:automation_manager:7.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:automation_manager:7.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:decision_manager:7.3.1:::::::*
reference_id	cpe:2.3:a:redhat:decision_manager:7.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:decision_manager:7.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_brms:6.4.10:::::::*
reference_id	cpe:2.3:a:redhat:jboss_brms:6.4.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_brms:6.4.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:single_sign-on:7.3:::::::*
reference_id	cpe:2.3:a:redhat:single_sign-on:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:single_sign-on:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-12022

reference_id

CVE-2018-12022

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-12022

reference_url

https://github.com/advisories/GHSA-cjjf-94ff-43w7

reference_id

GHSA-cjjf-94ff-43w7

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-cjjf-94ff-43w7

reference_url	https://usn.ubuntu.com/USN-4813-1/
reference_id	USN-USN-4813-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4813-1/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.4

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-unwq-s63h-uuaw

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.4

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.2

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.2

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.6

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.6

aliases CVE-2018-12022, GHSA-cjjf-94ff-43w7

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5r6v-ej7d-ubgv

url VCID-5te6-415m-c7df

vulnerability_id VCID-5te6-415m-c7df

summary

Unsafe Deserialization in jackson-databind
FasterXML jackson-databind 2.x before 2.6.7.5 and from 2.7.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24750.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24750.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-24750

reference_id

reference_type

scores

value	0.01997
scoring_system	epss
scoring_elements	0.83645
published_at	2026-04-13T12:55:00Z

value	0.01997
scoring_system	epss
scoring_elements	0.8365
published_at	2026-04-12T12:55:00Z

value	0.01997
scoring_system	epss
scoring_elements	0.83657
published_at	2026-04-11T12:55:00Z

value	0.01997
scoring_system	epss
scoring_elements	0.8364
published_at	2026-04-09T12:55:00Z

value	0.01997
scoring_system	epss
scoring_elements	0.83632
published_at	2026-04-08T12:55:00Z

value	0.01997
scoring_system	epss
scoring_elements	0.83606
published_at	2026-04-04T12:55:00Z

value	0.01997
scoring_system	epss
scoring_elements	0.83592
published_at	2026-04-02T12:55:00Z

value	0.01997
scoring_system	epss
scoring_elements	0.8358
published_at	2026-04-01T12:55:00Z

value	0.01997
scoring_system	epss
scoring_elements	0.83608
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-24750

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24750
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24750

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/2118e71325486c68f089a9761c9d8a11b4ddd1cb

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/2118e71325486c68f089a9761c9d8a11b4ddd1cb

reference_url

https://github.com/FasterXML/jackson-databind/commit/6cc9f1a1af323cd156f5668a47e43bab324ae16f

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/6cc9f1a1af323cd156f5668a47e43bab324ae16f

reference_url

https://github.com/FasterXML/jackson-databind/commit/ad5a630174f08d279504bc51ebba8772fd71b86b

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/ad5a630174f08d279504bc51ebba8772fd71b86b

reference_url

https://github.com/FasterXML/jackson-databind/issues/2798

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2798

reference_url

https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html

reference_url

https://security.netapp.com/advisory/ntap-20201009-0003

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20201009-0003

reference_url	https://security.netapp.com/advisory/ntap-20201009-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20201009-0003/

reference_url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1882310
reference_id	1882310
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1882310

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-24750

reference_id

CVE-2020-24750

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-24750

reference_url

https://github.com/advisories/GHSA-qjw2-hr98-qgfh

reference_id

GHSA-qjw2-hr98-qgfh

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-qjw2-hr98-qgfh

reference_url	https://access.redhat.com/errata/RHSA-2020:4173
reference_id	RHSA-2020:4173
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4173

reference_url	https://access.redhat.com/errata/RHSA-2020:5635
reference_id	RHSA-2020:5635
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5635

reference_url	https://access.redhat.com/errata/RHSA-2021:1230
reference_id	RHSA-2021:1230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1230

reference_url	https://access.redhat.com/errata/RHSA-2021:1515
reference_id	RHSA-2021:1515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1515

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.6

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.6

aliases CVE-2020-24750, GHSA-qjw2-hr98-qgfh

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5te6-415m-c7df

url VCID-6zee-aqcc-vfbp

vulnerability_id VCID-6zee-aqcc-vfbp

summary An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6.

references

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11307.json

reference_url

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11307.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-11307

reference_id

reference_type

scores

value	0.12636
scoring_system	epss
scoring_elements	0.93971
published_at	2026-04-13T12:55:00Z

value	0.12636
scoring_system	epss
scoring_elements	0.93935
published_at	2026-04-01T12:55:00Z

value	0.12636
scoring_system	epss
scoring_elements	0.93953
published_at	2026-04-04T12:55:00Z

value	0.12636
scoring_system	epss
scoring_elements	0.93956
published_at	2026-04-07T12:55:00Z

value	0.12636
scoring_system	epss
scoring_elements	0.93964
published_at	2026-04-08T12:55:00Z

value	0.12636
scoring_system	epss
scoring_elements	0.93968
published_at	2026-04-09T12:55:00Z

value	0.12636
scoring_system	epss
scoring_elements	0.93944
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-11307

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/051bd5e447fbc9539e12a4fe90eb989dba0c656

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/051bd5e447fbc9539e12a4fe90eb989dba0c656

reference_url

https://github.com/FasterXML/jackson-databind/commit/27b4defc270454dea6842bd9279f17387eceb73

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/27b4defc270454dea6842bd9279f17387eceb73

reference_url

https://github.com/FasterXML/jackson-databind/commit/78e78738d69adcb59fdac9fc12d9053ce8809f3d

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/78e78738d69adcb59fdac9fc12d9053ce8809f3d

reference_url

https://github.com/FasterXML/jackson-databind/issues/2032

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2032

reference_url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_url

https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1677341
reference_id	1677341
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1677341

reference_url

reference_id

CVE-2017-7525

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-11307

reference_url

reference_id

CVE-2018-11307

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-11307

reference_url

https://github.com/advisories/GHSA-qr7j-h6gg-jmgc

reference_id

GHSA-qr7j-h6gg-jmgc

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-qr7j-h6gg-jmgc

reference_url	https://usn.ubuntu.com/USN-4813-1/
reference_id	USN-USN-4813-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4813-1/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.4

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-unwq-s63h-uuaw

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.4

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.2

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.2

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.6

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.6

aliases CVE-2018-11307, GHSA-qr7j-h6gg-jmgc

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6zee-aqcc-vfbp

url VCID-75mz-c1ds-vqed

vulnerability_id VCID-75mz-c1ds-vqed

summary

Deserialization of Untrusted Data
FasterXML jackson-databind might allow remote attackers to execute arbitrary code by leveraging failure to block the `slf4j-ext` class from polymorphic deserialization.

references

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14718.json

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14718.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14718

reference_id

reference_type

scores

value	0.14515
scoring_system	epss
scoring_elements	0.94452
published_at	2026-04-13T12:55:00Z

value	0.14515
scoring_system	epss
scoring_elements	0.94414
published_at	2026-04-01T12:55:00Z

value	0.14515
scoring_system	epss
scoring_elements	0.94421
published_at	2026-04-02T12:55:00Z

value	0.14515
scoring_system	epss
scoring_elements	0.94432
published_at	2026-04-04T12:55:00Z

value	0.14515
scoring_system	epss
scoring_elements	0.94434
published_at	2026-04-07T12:55:00Z

value	0.14515
scoring_system	epss
scoring_elements	0.94444
published_at	2026-04-08T12:55:00Z

value	0.14515
scoring_system	epss
scoring_elements	0.94448
published_at	2026-04-09T12:55:00Z

value	0.14515
scoring_system	epss
scoring_elements	0.94451
published_at	2026-04-11T12:55:00Z

value	0.14515
scoring_system	epss
scoring_elements	0.94453
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086

reference_url

https://github.com/advisories/GHSA-645p-88qh-w398

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-645p-88qh-w398

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44

reference_url

https://github.com/FasterXML/jackson-databind/issues/2097

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2097

reference_url

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7

reference_url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E

reference_url	https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286%40%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286%40%3Cdev.lucene.apache.org%3E

reference_url

https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E

reference_url	https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f%40%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f%40%3Cdev.lucene.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E

reference_url	https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df%40%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df%40%3Cdev.lucene.apache.org%3E

reference_url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1%40%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1%40%3Ccommits.druid.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190530-0003

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190530-0003

reference_url	https://security.netapp.com/advisory/ntap-20190530-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190530-0003/

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url

http://www.securityfocus.com/bid/106601

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/106601

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1666415
reference_id	1666415
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1666415

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
reference_id	cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapcenter:-:::::::*
reference_id	cpe:2.3:a:netapp:snapcenter:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapcenter:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
reference_id	cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:::::::*
reference_id	cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:::::::*
reference_id	cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.2:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.3:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.3.1:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.2:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.3:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.4:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.5:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_opatch::::::::
reference_id	cpe:2.3:a:oracle:global_lifecycle_management_opatch::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_opatch::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2:::::::*
reference_id	cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:::::::*
reference_id	cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:::::::*
reference_id	cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:nosql_database::::::::
reference_id	cpe:2.3:a:oracle:nosql_database::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:nosql_database::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:nosql_database:19.3.12:::::::*
reference_id	cpe:2.3:a:oracle:nosql_database:19.3.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:nosql_database:19.3.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management::::::::
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier::::::::
reference_id	cpe:2.3:a:oracle:primavera_unifier::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*

100

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:16.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_merchandising_system:16.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:16.0:::::::*

101

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_workforce_management_software:1.60.9.0.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_workforce_management_software:1.60.9.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_workforce_management_software:1.60.9.0.0:::::::*

102

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:siebel_engineering_-_installer_\&_deployment::::::::
reference_id	cpe:2.3:a:oracle:siebel_engineering_-_installer_\&_deployment::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:siebel_engineering_-_installer_\&_deployment::::::::

103

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:siebel_ui_framework::::::::
reference_id	cpe:2.3:a:oracle:siebel_ui_framework::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:siebel_ui_framework::::::::

104

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*

105

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform::::::::
reference_id	cpe:2.3:a:redhat:openshift_container_platform::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform::::::::

106

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.10:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.10:::::::*

107

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

108

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

109

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

110

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-14718

reference_id

CVE-2018-14718

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14718

111

reference_url	https://access.redhat.com/errata/RHSA-2020:2564
reference_id	RHSA-2020:2564
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2564

112

reference_url	https://access.redhat.com/errata/RHSA-2021:1230
reference_id	RHSA-2021:1230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1230

113

reference_url	https://access.redhat.com/errata/RHSA-2021:1515
reference_id	RHSA-2021:1515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1515

114

reference_url	https://usn.ubuntu.com/USN-4813-1/
reference_id	USN-USN-4813-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4813-1/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7

aliases CVE-2018-14718, GHSA-645p-88qh-w398

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-75mz-c1ds-vqed

url VCID-8h7y-y4pv-cyd3

vulnerability_id VCID-8h7y-y4pv-cyd3

summary

jackson-databind vulnerable to unsafe deserialization
The com.fasterxml.jackson.core:jackson-databind library before version 2.9.10.4 is vulnerable to an Unsafe Deserialization vulnerability when handling interactions related to the class `ignite-jta`.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-10650

reference_id

reference_type

scores

value	0.09853
scoring_system	epss
scoring_elements	0.92955
published_at	2026-04-01T12:55:00Z

value	0.09853
scoring_system	epss
scoring_elements	0.92984
published_at	2026-04-13T12:55:00Z

value	0.09853
scoring_system	epss
scoring_elements	0.92983
published_at	2026-04-12T12:55:00Z

value	0.09853
scoring_system	epss
scoring_elements	0.92985
published_at	2026-04-11T12:55:00Z

value	0.09853
scoring_system	epss
scoring_elements	0.9298
published_at	2026-04-09T12:55:00Z

value	0.09853
scoring_system	epss
scoring_elements	0.92976
published_at	2026-04-08T12:55:00Z

value	0.09853
scoring_system	epss
scoring_elements	0.92967
published_at	2026-04-07T12:55:00Z

value	0.09853
scoring_system	epss
scoring_elements	0.92968
published_at	2026-04-04T12:55:00Z

value	0.09853
scoring_system	epss
scoring_elements	0.92964
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-10650

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10650
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10650

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/a424c038ba0c0d65e579e22001dec925902ac0ef

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/

url

https://github.com/FasterXML/jackson-databind/commit/a424c038ba0c0d65e579e22001dec925902ac0ef

reference_url

https://github.com/FasterXML/jackson-databind/issues/2658

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/

url

https://github.com/FasterXML/jackson-databind/issues/2658

reference_url

https://github.com/FasterXML/jackson-databind/pull/2864

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/pull/2864

reference_url

https://github.com/luisgarciacheckmarx/LGV_onefile/issues/19

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/luisgarciacheckmarx/LGV_onefile/issues/19

reference_url

https://lists.debian.org/debian-lts-announce/2023/04/msg00032.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/

url

https://lists.debian.org/debian-lts-announce/2023/04/msg00032.html

reference_url

https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-10650

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-10650

reference_url

https://security.netapp.com/advisory/ntap-20230818-0007

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20230818-0007

reference_url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/

url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/

url

https://www.oracle.com/security-alerts/cpuoct2022.html

reference_url

https://github.com/advisories/GHSA-rpr3-cw39-3pxh

reference_id

GHSA-rpr3-cw39-3pxh

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/

url

https://github.com/advisories/GHSA-rpr3-cw39-3pxh

reference_url

https://security.netapp.com/advisory/ntap-20230818-0007/

reference_id

ntap-20230818-0007

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/

url

https://security.netapp.com/advisory/ntap-20230818-0007/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.4

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.4

aliases CVE-2020-10650, GHSA-rpr3-cw39-3pxh, GMS-2022-2955

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8h7y-y4pv-cyd3

url VCID-8jw8-6tev-aqgm

vulnerability_id VCID-8jw8-6tev-aqgm

summary

Improper Input Validation
Fasterxml Jackson does not properly validate user input leading to a DoS. Specifically, deserializing malicious input of very large values in the nanoseconds field of a time value.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000873.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000873.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000873

reference_id

reference_type

scores

value	0.02189
scoring_system	epss
scoring_elements	0.84311
published_at	2026-04-01T12:55:00Z

value	0.02189
scoring_system	epss
scoring_elements	0.84393
published_at	2026-04-11T12:55:00Z

value	0.02189
scoring_system	epss
scoring_elements	0.84376
published_at	2026-04-09T12:55:00Z

value	0.02189
scoring_system	epss
scoring_elements	0.8437
published_at	2026-04-08T12:55:00Z

value	0.02189
scoring_system	epss
scoring_elements	0.84349
published_at	2026-04-07T12:55:00Z

value	0.02189
scoring_system	epss
scoring_elements	0.84346
published_at	2026-04-04T12:55:00Z

value	0.02189
scoring_system	epss
scoring_elements	0.84325
published_at	2026-04-02T12:55:00Z

value	0.02189
scoring_system	epss
scoring_elements	0.84382
published_at	2026-04-13T12:55:00Z

value	0.02189
scoring_system	epss
scoring_elements	0.84387
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000873

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1665601

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1665601

reference_url

https://github.com/FasterXML/jackson-modules-java8

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-modules-java8

reference_url

https://github.com/FasterXML/jackson-modules-java8/issues/90

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-modules-java8/issues/90

reference_url

https://github.com/FasterXML/jackson-modules-java8/pull/87

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-modules-java8/pull/87

reference_url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E

reference_url	https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E

reference_url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E

reference_url	https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E

reference_url

https://security.netapp.com/advisory/ntap-20200904-0004

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200904-0004

reference_url	https://security.netapp.com/advisory/ntap-20200904-0004/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200904-0004/

reference_url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-modules-java8::::::::
reference_id	cpe:2.3:a:fasterxml:jackson-modules-java8::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-modules-java8::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::linux::*
reference_id	cpe:2.3:a:netapp:active_iq_unified_manager::::::linux::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::linux::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::vmware_vsphere::*
reference_id	cpe:2.3:a:netapp:active_iq_unified_manager::::::vmware_vsphere::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::vmware_vsphere::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::windows::*
reference_id	cpe:2.3:a:netapp:active_iq_unified_manager::::::windows::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::windows::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:clusterware:12.1.0.2.0:::::::*
reference_id	cpe:2.3:a:oracle:clusterware:12.1.0.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:clusterware:12.1.0.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:12.1.0.2:::::::*
reference_id	cpe:2.3:a:oracle:database_server:12.1.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:12.1.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:12.2.0.1:::::::*
reference_id	cpe:2.3:a:oracle:database_server:12.2.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:12.2.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:18c:::::::*
reference_id	cpe:2.3:a:oracle:database_server:18c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:18c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:19c:::::::*
reference_id	cpe:2.3:a:oracle:database_server:19c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:19c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_opatch::::::::
reference_id	cpe:2.3:a:oracle:global_lifecycle_management_opatch::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_opatch::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:nosql_database::::::::
reference_id	cpe:2.3:a:oracle:nosql_database::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:nosql_database::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-1000873

reference_id

CVE-2018-1000873

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-1000873

reference_url

https://github.com/advisories/GHSA-h4x4-5qp2-wp46

reference_id

GHSA-h4x4-5qp2-wp46

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-h4x4-5qp2-wp46

reference_url	https://access.redhat.com/errata/RHSA-2020:5568
reference_id	RHSA-2020:5568
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5568

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8

aliases CVE-2018-1000873, GHSA-h4x4-5qp2-wp46

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8jw8-6tev-aqgm

url VCID-8tmq-zbmb-m7h4

vulnerability_id VCID-8tmq-zbmb-m7h4

summary

jackson-databind polymorphic typing issue
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 prior to 2.9.10.1, 2.8.11.5, and 2.6.7.3. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.

references

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16943.json

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16943.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-16943

reference_id

reference_type

scores

value	0.01841
scoring_system	epss
scoring_elements	0.82916
published_at	2026-04-07T12:55:00Z

value	0.01841
scoring_system	epss
scoring_elements	0.8292
published_at	2026-04-04T12:55:00Z

value	0.01841
scoring_system	epss
scoring_elements	0.82907
published_at	2026-04-02T12:55:00Z

value	0.01841
scoring_system	epss
scoring_elements	0.82891
published_at	2026-04-01T12:55:00Z

value	0.01841
scoring_system	epss
scoring_elements	0.82941
published_at	2026-04-08T12:55:00Z

value	0.01841
scoring_system	epss
scoring_elements	0.82948
published_at	2026-04-09T12:55:00Z

value	0.01841
scoring_system	epss
scoring_elements	0.82964
published_at	2026-04-11T12:55:00Z

value	0.01841
scoring_system	epss
scoring_elements	0.82959
published_at	2026-04-12T12:55:00Z

value	0.01841
scoring_system	epss
scoring_elements	0.82955
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-16943

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14379
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14379

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14439
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14439

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14540
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14540

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16335
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16335

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16942
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16942

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16943
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16943

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/328a0f833daf6baa443ac3b37c818a0204714b0b

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/328a0f833daf6baa443ac3b37c818a0204714b0b

reference_url

https://github.com/FasterXML/jackson-databind/commit/bc67eb11a7cf57561f861ff16f879f1fceb5779f

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/bc67eb11a7cf57561f861ff16f879f1fceb5779f

reference_url

https://github.com/FasterXML/jackson-databind/issues/2478

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2478

reference_url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/5ec8d8d485c2c8ac55ea425f4cd96596ef37312532712639712ebcdd@%3Ccommits.iceberg.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/5ec8d8d485c2c8ac55ea425f4cd96596ef37312532712639712ebcdd@%3Ccommits.iceberg.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5ec8d8d485c2c8ac55ea425f4cd96596ef37312532712639712ebcdd%40%3Ccommits.iceberg.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5ec8d8d485c2c8ac55ea425f4cd96596ef37312532712639712ebcdd%40%3Ccommits.iceberg.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6788e4c991f75b89d290ad06b463fcd30bcae99fee610345a35b7bc6@%3Cissues.iceberg.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/6788e4c991f75b89d290ad06b463fcd30bcae99fee610345a35b7bc6@%3Cissues.iceberg.apache.org%3E

reference_url	https://lists.apache.org/thread.html/6788e4c991f75b89d290ad06b463fcd30bcae99fee610345a35b7bc6%40%3Cissues.iceberg.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/6788e4c991f75b89d290ad06b463fcd30bcae99fee610345a35b7bc6%40%3Cissues.iceberg.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f%40%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f%40%3Ccommits.druid.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/

reference_url	https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
reference_id
reference_type
scores
url	https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_url

https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-16943

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-16943

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20191017-0006

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20191017-0006

reference_url	https://security.netapp.com/advisory/ntap-20191017-0006/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20191017-0006/

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1758191
reference_id	1758191
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1758191

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941530
reference_id	941530
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941530

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::linux::*
reference_id	cpe:2.3:a:netapp:active_iq_unified_manager::::::linux::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::linux::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::vmware_vsphere::*
reference_id	cpe:2.3:a:netapp:active_iq_unified_manager::::::vmware_vsphere::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::vmware_vsphere::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::windows::*
reference_id	cpe:2.3:a:netapp:active_iq_unified_manager::::::windows::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::windows::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_api_services:-:::::::*
reference_id	cpe:2.3:a:netapp:oncommand_api_services:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_api_services:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
reference_id	cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:service_level_manager:-:::::::*
reference_id	cpe:2.3:a:netapp:service_level_manager:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:service_level_manager:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
reference_id	cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.1:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.7.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.7.1:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.9.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_calendar_server:8.0.0.2.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_calendar_server:8.0.0.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_calendar_server:8.0.0.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_calendar_server:8.0.0.3.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_calendar_server:8.0.0.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_calendar_server:8.0.0.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:12.2.1.4.0:::::::*
reference_id	cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:12.2.1.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:12.2.1.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:13.9.4.2.2:::::::*
reference_id	cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:13.9.4.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:13.9.4.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:::::::*
reference_id	cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2:::::::*
reference_id	cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:::::::*
reference_id	cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway::::::::
reference_id	cpe:2.3:a:oracle:primavera_gateway::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:16.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_gateway:16.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:16.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:16.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_gateway:16.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:16.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:19.12.0:::::::*
reference_id	cpe:2.3:a:oracle:primavera_gateway:19.12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:19.12.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:15.0.3:::::::*
reference_id	cpe:2.3:a:oracle:retail_merchandising_system:15.0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:15.0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:16.0.2:::::::*
reference_id	cpe:2.3:a:oracle:retail_merchandising_system:16.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:16.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:16.0.3:::::::*
reference_id	cpe:2.3:a:oracle:retail_merchandising_system:16.0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:16.0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_sales_audit:14.1:::::::*
reference_id	cpe:2.3:a:oracle:retail_sales_audit:14.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_sales_audit:14.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:siebel_engineering_-_installer_\&_deployment::::::::
reference_id	cpe:2.3:a:oracle:siebel_engineering_-_installer_\&_deployment::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:siebel_engineering_-_installer_\&_deployment::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:trace_file_analyzer:12.2.0.1:::::::*
reference_id	cpe:2.3:a:oracle:trace_file_analyzer:12.2.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:trace_file_analyzer:12.2.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:trace_file_analyzer:18c:::::::*
reference_id	cpe:2.3:a:oracle:trace_file_analyzer:18c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:trace_file_analyzer:18c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:trace_file_analyzer:19c:::::::*
reference_id	cpe:2.3:a:oracle:trace_file_analyzer:19c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:trace_file_analyzer:19c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*
reference_id	cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*
reference_id	cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*

100

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*

101

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*
reference_id	cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*

102

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:::::::*

103

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:::::::*

104

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

105

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

106

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

107

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

108

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

109

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

110

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

111

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:8.0:::::::*

112

reference_url

https://github.com/advisories/GHSA-fmmc-742q-jg75

reference_id

GHSA-fmmc-742q-jg75

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-fmmc-742q-jg75

113

reference_url	https://access.redhat.com/errata/RHSA-2020:0895
reference_id	RHSA-2020:0895
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0895

114

reference_url	https://access.redhat.com/errata/RHSA-2020:0899
reference_id	RHSA-2020:0899
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0899

115

reference_url	https://access.redhat.com/errata/RHSA-2020:0939
reference_id	RHSA-2020:0939
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0939

116

reference_url	https://access.redhat.com/errata/RHSA-2020:1644
reference_id	RHSA-2020:1644
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1644

117

reference_url	https://access.redhat.com/errata/RHSA-2020:2067
reference_id	RHSA-2020:2067
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2067

118

reference_url	https://access.redhat.com/errata/RHSA-2020:2321
reference_id	RHSA-2020:2321
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2321

119

reference_url	https://access.redhat.com/errata/RHSA-2020:2333
reference_id	RHSA-2020:2333
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2333

120

reference_url	https://access.redhat.com/errata/RHSA-2020:3192
reference_id	RHSA-2020:3192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3192

121

reference_url	https://usn.ubuntu.com/USN-4813-1/
reference_id	USN-USN-4813-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4813-1/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.1

aliases CVE-2019-16943, GHSA-fmmc-742q-jg75

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8tmq-zbmb-m7h4

url VCID-96pq-m4f3-zbad

vulnerability_id VCID-96pq-m4f3-zbad

summary

Deserialization of Untrusted Data in jackson-databind
FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5, and 2.9.x before 2.9.10.2 lacks certain `net.sf.ehcache` blocking.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20330.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20330.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-20330

reference_id

reference_type

scores

value	0.01863
scoring_system	epss
scoring_elements	0.83054
published_at	2026-04-13T12:55:00Z

value	0.01863
scoring_system	epss
scoring_elements	0.83059
published_at	2026-04-12T12:55:00Z

value	0.01863
scoring_system	epss
scoring_elements	0.83065
published_at	2026-04-11T12:55:00Z

value	0.01863
scoring_system	epss
scoring_elements	0.83049
published_at	2026-04-09T12:55:00Z

value	0.01863
scoring_system	epss
scoring_elements	0.83042
published_at	2026-04-08T12:55:00Z

value	0.01863
scoring_system	epss
scoring_elements	0.83017
published_at	2026-04-07T12:55:00Z

value	0.01863
scoring_system	epss
scoring_elements	0.8302
published_at	2026-04-04T12:55:00Z

value	0.01863
scoring_system	epss
scoring_elements	0.83006
published_at	2026-04-02T12:55:00Z

value	0.01863
scoring_system	epss
scoring_elements	0.8299
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-20330

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20330
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20330

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/eb254813cc822d0af015ce8fe05febf50721dc53

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/eb254813cc822d0af015ce8fe05febf50721dc53

reference_url

https://github.com/FasterXML/jackson-databind/commit/fc4214a883dc087070f25da738ef0d49c2f3387e

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/fc4214a883dc087070f25da738ef0d49c2f3387e

reference_url

https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.10.1...jackson-databind-2.9.10.2

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.10.1...jackson-databind-2.9.10.2

reference_url

https://github.com/FasterXML/jackson-databind/issues/2526

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2526

reference_url

https://lists.apache.org/thread.html/r107c8737db39ec9ec4f4e7147b249e29be79170b9ef4b80528105a2d@%3Cdev.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r107c8737db39ec9ec4f4e7147b249e29be79170b9ef4b80528105a2d@%3Cdev.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r2c77dd6ab8344285bd8e481b57cf3029965a4b0036eefccef74cdd44@%3Cnotifications.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r2c77dd6ab8344285bd8e481b57cf3029965a4b0036eefccef74cdd44@%3Cnotifications.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3f8180d0d25a7c6473ebb9714b0c1d19a73f455ae70d0c5fefc17e6c@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3f8180d0d25a7c6473ebb9714b0c1d19a73f455ae70d0c5fefc17e6c@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r428735963bee7cb99877b88d3228e28ec28af64646455c4f3e7a3c94@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r428735963bee7cb99877b88d3228e28ec28af64646455c4f3e7a3c94@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r50f513772f12e1babf65c7c2b9c16425bac2d945351879e2e267517f@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r50f513772f12e1babf65c7c2b9c16425bac2d945351879e2e267517f@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r5c14fdcabdeaba258857bcb67198652e4dce1d33ddc590cd81d82393@%3Cdev.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r5c14fdcabdeaba258857bcb67198652e4dce1d33ddc590cd81d82393@%3Cdev.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r5c3644c97f0434d1ceb48ff48897a67bdbf3baf7efbe7d04625425b3@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r5c3644c97f0434d1ceb48ff48897a67bdbf3baf7efbe7d04625425b3@%3Ccommits.druid.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r5d3d10fdf28110da3f9ac1b7d08d7e252f98d7d37ce0a6bd139a2e4f@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r5d3d10fdf28110da3f9ac1b7d08d7e252f98d7d37ce0a6bd139a2e4f@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r67f4d4c48197454b83d62afbed8bebbda3764e6e3a6e26a848961764@%3Ccommits.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r67f4d4c48197454b83d62afbed8bebbda3764e6e3a6e26a848961764@%3Ccommits.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r707d23bb9ee245f50aa909add0da6e8d8f24719b1278ddd99d2428b2@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r707d23bb9ee245f50aa909add0da6e8d8f24719b1278ddd99d2428b2@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r7a0821b44247a1e6c6fe5f2943b90ebc4f80a8d1fb0aa9a8b29a59a2@%3Ccommits.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r7a0821b44247a1e6c6fe5f2943b90ebc4f80a8d1fb0aa9a8b29a59a2@%3Ccommits.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r7fb123e7dad49af5886cfec7135c0fd5b74e4c67af029e1dc91ba744@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r7fb123e7dad49af5886cfec7135c0fd5b74e4c67af029e1dc91ba744@%3Ccommits.druid.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r8831b7fa5ca87a1cf23ee08d6dedb7877a964c1d2bd869af24056a63@%3Ccommits.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r8831b7fa5ca87a1cf23ee08d6dedb7877a964c1d2bd869af24056a63@%3Ccommits.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r909c822409a276ba04dc2ae31179b16f6864ba02c4f9911bdffebf95@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r909c822409a276ba04dc2ae31179b16f6864ba02c4f9911bdffebf95@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ra2e572f568de8df5ba151e6aebb225a0629faaf0476bf7c7ed877af8@%3Cnotifications.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ra2e572f568de8df5ba151e6aebb225a0629faaf0476bf7c7ed877af8@%3Cnotifications.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ra5ce96faec37c26b0aa15b4b6a8b1cbb145a748653e56ae83e9685d0@%3Cnotifications.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ra5ce96faec37c26b0aa15b4b6a8b1cbb145a748653e56ae83e9685d0@%3Cnotifications.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ra8a80dbc7319916946397823aec0d893d24713cbf7b5aee0e957298c@%3Cdev.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ra8a80dbc7319916946397823aec0d893d24713cbf7b5aee0e957298c@%3Cdev.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb532fed78d031fff477fd840b81946f6d1200f93a63698dae65aa528@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb532fed78d031fff477fd840b81946f6d1200f93a63698dae65aa528@%3Ccommits.druid.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rd1f346227e11fc515914f3a7b20d81543e51e5822ba71baa0452634a@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rd1f346227e11fc515914f3a7b20d81543e51e5822ba71baa0452634a@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rd49cfa41bbb71ef33b53736a6af2aa8ba88c2106e30f2a34902a87d2@%3Cnotifications.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rd49cfa41bbb71ef33b53736a6af2aa8ba88c2106e30f2a34902a87d2@%3Cnotifications.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rd6c6fef14944f3dcfb58d35f9317eb1c32a700e86c1b5231e45d3d0b@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rd6c6fef14944f3dcfb58d35f9317eb1c32a700e86c1b5231e45d3d0b@%3Ccommits.druid.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rfa57d9c2a27d3af14c69607fb1a3da00e758b2092aa88eb6a51b6e99@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rfa57d9c2a27d3af14c69607fb1a3da00e758b2092aa88eb6a51b6e99@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2020/02/msg00020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/02/msg00020.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-20330

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-20330

reference_url

https://security.netapp.com/advisory/ntap-20200127-0004

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200127-0004

reference_url	https://security.netapp.com/advisory/ntap-20200127-0004/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200127-0004/

reference_url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1793154
reference_id	1793154
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1793154

reference_url

https://github.com/advisories/GHSA-gww7-p5w4-wrfv

reference_id

GHSA-gww7-p5w4-wrfv

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-gww7-p5w4-wrfv

reference_url	https://access.redhat.com/errata/RHSA-2020:0939
reference_id	RHSA-2020:0939
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0939

reference_url	https://access.redhat.com/errata/RHSA-2020:0951
reference_id	RHSA-2020:0951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0951

reference_url	https://access.redhat.com/errata/RHSA-2020:1644
reference_id	RHSA-2020:1644
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1644

reference_url	https://access.redhat.com/errata/RHSA-2020:2067
reference_id	RHSA-2020:2067
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2067

reference_url	https://access.redhat.com/errata/RHSA-2020:2333
reference_id	RHSA-2020:2333
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2333

reference_url	https://access.redhat.com/errata/RHSA-2020:3192
reference_id	RHSA-2020:3192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3192

reference_url	https://access.redhat.com/errata/RHSA-2020:3196
reference_id	RHSA-2020:3196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3196

reference_url	https://access.redhat.com/errata/RHSA-2020:3197
reference_id	RHSA-2020:3197
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3197

reference_url	https://usn.ubuntu.com/USN-4813-1/
reference_id	USN-USN-4813-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4813-1/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.7

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.7

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.2

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.2

aliases CVE-2019-20330, GHSA-gww7-p5w4-wrfv

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-96pq-m4f3-zbad

url VCID-9h46-72hw-bkcr

vulnerability_id VCID-9h46-72hw-bkcr

summary Multiple vulnerabilities have been found in FasterXML jackson-databind, the worst of which could result in denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42003.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42003.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-42003

reference_id

reference_type

scores

value	0.00319
scoring_system	epss
scoring_elements	0.54897
published_at	2026-04-13T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.5492
published_at	2026-04-12T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54939
published_at	2026-04-11T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54926
published_at	2026-04-09T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54928
published_at	2026-04-08T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54878
published_at	2026-04-07T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54883
published_at	2026-04-02T12:55:00Z

value	0.00319
scoring_system	epss
scoring_elements	0.54909
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-42003

reference_url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51020

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51020

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42003
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42003

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42004
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42004

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/blob/2.13/release-notes/VERSION-2.x

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/blob/2.13/release-notes/VERSION-2.x

reference_url

https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/0e37a39502439ecbaa1a5b5188387c01bf7f7fa1

reference_url

https://github.com/FasterXML/jackson-databind/commit/2c4a601c626f7790cad9d3c322d244e182838288

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/2c4a601c626f7790cad9d3c322d244e182838288

reference_url

https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/7ba9ac5b87a9d6ac0d2815158ecbeb315ad4dcdc

reference_url

https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea

reference_url

https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/d499f2e7bbc5ebd63af11e1f5cf1989fa323aa45

reference_url

https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33

reference_url

https://github.com/FasterXML/jackson-databind/commits/jackson-databind-2.4.0-rc1?after=75b97b8519f0d50c62523ad85170d80a197a2c86+174&branch=jackson-databind-2.4.0-rc1&qualified_name=refs%2Ftags%2Fjackson-databind-2.4.0-rc1

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.13.4.1...jackson-databind-2.13.4.2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.13.4.1...jackson-databind-2.13.4.2

reference_url

https://github.com/FasterXML/jackson-databind/issues/3590

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/3590

reference_url

https://github.com/FasterXML/jackson-databind/issues/3627

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/3627

reference_url

https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-42003

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-42003

reference_url

https://security.netapp.com/advisory/ntap-20221124-0004

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20221124-0004

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-jjjh-jjxp-wpff

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2135244
reference_id	2135244
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2135244

reference_url

reference_id

GHSA-jjjh-jjxp-wpff

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-jjjh-jjxp-wpff

reference_url

reference_id

GLSA-202210-21

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10969.json

reference_url	https://access.redhat.com/errata/RHSA-2022:7435
reference_id	RHSA-2022:7435
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7435

reference_url	https://access.redhat.com/errata/RHSA-2022:8781
reference_id	RHSA-2022:8781
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8781

reference_url	https://access.redhat.com/errata/RHSA-2022:8876
reference_id	RHSA-2022:8876
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8876

reference_url	https://access.redhat.com/errata/RHSA-2022:8889
reference_id	RHSA-2022:8889
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8889

reference_url	https://access.redhat.com/errata/RHSA-2022:9023
reference_id	RHSA-2022:9023
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:9023

reference_url	https://access.redhat.com/errata/RHSA-2022:9032
reference_id	RHSA-2022:9032
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:9032

reference_url	https://access.redhat.com/errata/RHSA-2023:0189
reference_id	RHSA-2023:0189
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0189

reference_url	https://access.redhat.com/errata/RHSA-2023:0261
reference_id	RHSA-2023:0261
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0261

reference_url	https://access.redhat.com/errata/RHSA-2023:0264
reference_id	RHSA-2023:0264
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0264

reference_url	https://access.redhat.com/errata/RHSA-2023:0469
reference_id	RHSA-2023:0469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0469

reference_url	https://access.redhat.com/errata/RHSA-2023:0471
reference_id	RHSA-2023:0471
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0471

reference_url	https://access.redhat.com/errata/RHSA-2023:0552
reference_id	RHSA-2023:0552
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0552

reference_url	https://access.redhat.com/errata/RHSA-2023:0553
reference_id	RHSA-2023:0553
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0553

reference_url	https://access.redhat.com/errata/RHSA-2023:0554
reference_id	RHSA-2023:0554
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0554

reference_url	https://access.redhat.com/errata/RHSA-2023:0556
reference_id	RHSA-2023:0556
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0556

reference_url	https://access.redhat.com/errata/RHSA-2023:0713
reference_id	RHSA-2023:0713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0713

reference_url	https://access.redhat.com/errata/RHSA-2023:1006
reference_id	RHSA-2023:1006
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1006

reference_url	https://access.redhat.com/errata/RHSA-2023:1064
reference_id	RHSA-2023:1064
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1064

reference_url	https://access.redhat.com/errata/RHSA-2023:1151
reference_id	RHSA-2023:1151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1151

reference_url	https://access.redhat.com/errata/RHSA-2023:2097
reference_id	RHSA-2023:2097
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2097

reference_url	https://access.redhat.com/errata/RHSA-2023:2100
reference_id	RHSA-2023:2100
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2100

reference_url	https://access.redhat.com/errata/RHSA-2023:3223
reference_id	RHSA-2023:3223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3223

reference_url	https://access.redhat.com/errata/RHSA-2023:3641
reference_id	RHSA-2023:3641
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3641

reference_url	https://access.redhat.com/errata/RHSA-2023:3663
reference_id	RHSA-2023:3663
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3663

reference_url	https://access.redhat.com/errata/RHSA-2025:1746
reference_id	RHSA-2025:1746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1746

reference_url	https://access.redhat.com/errata/RHSA-2025:1747
reference_id	RHSA-2025:1747
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1747

fixed_packages

url	pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.7.1
purl	pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.7.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.7.1

url	pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.4.2
purl	pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.4.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.4.2

aliases CVE-2022-42003, GHSA-jjjh-jjxp-wpff

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9h46-72hw-bkcr

url VCID-9qdt-7p83-4yd8

vulnerability_id VCID-9qdt-7p83-4yd8

summary

jackson-databind mishandles the interaction between serialization gadgets and typing
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.

references

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10969.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-10969

reference_id

reference_type

scores

value	0.01035
scoring_system	epss
scoring_elements	0.77381
published_at	2026-04-13T12:55:00Z

value	0.01035
scoring_system	epss
scoring_elements	0.77384
published_at	2026-04-12T12:55:00Z

value	0.01035
scoring_system	epss
scoring_elements	0.77405
published_at	2026-04-11T12:55:00Z

value	0.01035
scoring_system	epss
scoring_elements	0.77378
published_at	2026-04-09T12:55:00Z

value	0.01035
scoring_system	epss
scoring_elements	0.77369
published_at	2026-04-08T12:55:00Z

value	0.01035
scoring_system	epss
scoring_elements	0.77358
published_at	2026-04-04T12:55:00Z

value	0.01035
scoring_system	epss
scoring_elements	0.7733
published_at	2026-04-02T12:55:00Z

value	0.01035
scoring_system	epss
scoring_elements	0.77323
published_at	2026-04-01T12:55:00Z

value	0.01035
scoring_system	epss
scoring_elements	0.77338
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-10969

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10969
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10969

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/6ba48457984943df0de92c54144f7dcae01b1221

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/6ba48457984943df0de92c54144f7dcae01b1221

reference_url

https://github.com/FasterXML/jackson-databind/issues/2642

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:45Z/

url

https://github.com/FasterXML/jackson-databind/issues/2642

reference_url

https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:45Z/

url

https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html

reference_url

https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:45Z/

url

https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_url

https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-10969

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-10969

reference_url

https://security.netapp.com/advisory/ntap-20200403-0002

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200403-0002

reference_url

https://security.netapp.com/advisory/ntap-20200403-0002/

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:45Z/

url

https://security.netapp.com/advisory/ntap-20200403-0002/

reference_url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:45Z/

url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:45Z/

url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:45Z/

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:45Z/

url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1819212
reference_id	1819212
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1819212

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
reference_id	cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:agile_plm:9.3.6:::::::*
reference_id	cpe:2.3:a:oracle:agile_plm:9.3.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:agile_plm:9.3.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:autovue_for_agile_product_lifecycle_management:21.0.2:::::::*
reference_id	cpe:2.3:a:oracle:autovue_for_agile_product_lifecycle_management:21.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:autovue_for_agile_product_lifecycle_management:21.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_digital_experience:18.1:::::::*
reference_id	cpe:2.3:a:oracle:banking_digital_experience:18.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_digital_experience:18.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_digital_experience:18.2:::::::*
reference_id	cpe:2.3:a:oracle:banking_digital_experience:18.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_digital_experience:18.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_digital_experience:18.3:::::::*
reference_id	cpe:2.3:a:oracle:banking_digital_experience:18.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_digital_experience:18.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_digital_experience:19.1:::::::*
reference_id	cpe:2.3:a:oracle:banking_digital_experience:19.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_digital_experience:19.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_digital_experience:19.2:::::::*
reference_id	cpe:2.3:a:oracle:banking_digital_experience:19.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_digital_experience:19.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_digital_experience:20.1:::::::*
reference_id	cpe:2.3:a:oracle:banking_digital_experience:20.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_digital_experience:20.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform::::::::
reference_id	cpe:2.3:a:oracle:banking_platform::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_calendar_server:8.0.0.4.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_calendar_server:8.0.0.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_calendar_server:8.0.0.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_contacts_server:8.0.0.4.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_contacts_server:8.0.0.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_contacts_server:8.0.0.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_contacts_server:8.0.0.5.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_contacts_server:8.0.0.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_contacts_server:8.0.0.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::
reference_id	cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager::::::::
reference_id	cpe:2.3:a:oracle:communications_element_manager::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.4.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_network_charging_and_control::::::::
reference_id	cpe:2.3:a:oracle:communications_network_charging_and_control::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_network_charging_and_control::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager::::::::
reference_id	cpe:2.3:a:oracle:communications_session_report_manager::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager::::::::
reference_id	cpe:2.3:a:oracle:communications_session_route_manager::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure::::::::
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_retail_customer_analytics:8.0.6:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_retail_customer_analytics:8.0.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_retail_customer_analytics:8.0.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_opatch::::::::
reference_id	cpe:2.3:a:oracle:global_lifecycle_management_opatch::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_opatch::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.0.2.25:::::::*
reference_id	cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.0.2.25:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.0.2.25:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.1.0.15:::::::*
reference_id	cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.1.0.15:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.1.0.15:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator::::::::
reference_id	cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools::::::::
reference_id	cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier::::::::
reference_id	cpe:2.3:a:oracle:primavera_unifier::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:19.12:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:19.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:19.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_sales_audit:14.1:::::::*
reference_id	cpe:2.3:a:oracle:retail_sales_audit:14.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_sales_audit:14.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_service_backbone:14.1:::::::*
reference_id	cpe:2.3:a:oracle:retail_service_backbone:14.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_service_backbone:14.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_service_backbone:15.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_service_backbone:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_service_backbone:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_service_backbone:16.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_service_backbone:16.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_service_backbone:16.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*
reference_id	cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://github.com/advisories/GHSA-758m-v56v-grj4

reference_id

GHSA-758m-v56v-grj4

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-758m-v56v-grj4

reference_url	https://access.redhat.com/errata/RHSA-2020:1523
reference_id	RHSA-2020:1523
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1523

reference_url	https://access.redhat.com/errata/RHSA-2020:2067
reference_id	RHSA-2020:2067
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2067

reference_url	https://access.redhat.com/errata/RHSA-2020:2333
reference_id	RHSA-2020:2333
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2333

reference_url	https://access.redhat.com/errata/RHSA-2020:2813
reference_id	RHSA-2020:2813
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2813

reference_url	https://access.redhat.com/errata/RHSA-2020:3192
reference_id	RHSA-2020:3192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3192

reference_url	https://access.redhat.com/errata/RHSA-2020:3196
reference_id	RHSA-2020:3196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3196

reference_url	https://access.redhat.com/errata/RHSA-2020:3197
reference_id	RHSA-2020:3197
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3197

reference_url	https://access.redhat.com/errata/RHSA-2020:3779
reference_id	RHSA-2020:3779
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3779

reference_url	https://access.redhat.com/errata/RHSA-2020:4366
reference_id	RHSA-2020:4366
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4366

reference_url	https://usn.ubuntu.com/USN-4813-1/
reference_id	USN-USN-4813-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4813-1/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.7

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.7

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.6

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.6

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.4

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.4

aliases CVE-2020-10969, GHSA-758m-v56v-grj4

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9qdt-7p83-4yd8

url VCID-avut-gmwd-jqfp

vulnerability_id VCID-avut-gmwd-jqfp

summary

Polymorphic Typing in FasterXML jackson-databind
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.

references

reference_url

https://access.redhat.com/errata/RHSA-2019:3901

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2019:3901

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16942.json

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16942.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-16942

reference_id

reference_type

scores

value	0.00415
scoring_system	epss
scoring_elements	0.61583
published_at	2026-04-02T12:55:00Z

value	0.00415
scoring_system	epss
scoring_elements	0.61509
published_at	2026-04-01T12:55:00Z

value	0.00415
scoring_system	epss
scoring_elements	0.61612
published_at	2026-04-04T12:55:00Z

value	0.00415
scoring_system	epss
scoring_elements	0.61584
published_at	2026-04-07T12:55:00Z

value	0.00415
scoring_system	epss
scoring_elements	0.61632
published_at	2026-04-08T12:55:00Z

value	0.00415
scoring_system	epss
scoring_elements	0.61647
published_at	2026-04-09T12:55:00Z

value	0.00415
scoring_system	epss
scoring_elements	0.61668
published_at	2026-04-11T12:55:00Z

value	0.00415
scoring_system	epss
scoring_elements	0.61657
published_at	2026-04-12T12:55:00Z

value	0.00415
scoring_system	epss
scoring_elements	0.61637
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-16942

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14379
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14379

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14439
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14439

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14540
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14540

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16335
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16335

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16942
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16942

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16943
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16943

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/328a0f833daf6baa443ac3b37c818a0204714b0b

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/328a0f833daf6baa443ac3b37c818a0204714b0b

reference_url

https://github.com/FasterXML/jackson-databind/commit/54aa38d87dcffa5ccc23e64922e9536c82c1b9c8

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/54aa38d87dcffa5ccc23e64922e9536c82c1b9c8

reference_url

https://github.com/FasterXML/jackson-databind/commit/9593e16cf5a3d289a9c584f7123639655de9ddac

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/9593e16cf5a3d289a9c584f7123639655de9ddac

reference_url

https://github.com/FasterXML/jackson-databind/commit/bc67eb11a7cf57561f861ff16f879f1fceb5779f

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/bc67eb11a7cf57561f861ff16f879f1fceb5779f

reference_url

https://github.com/FasterXML/jackson-databind/issues/2478

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2478

reference_url

https://issues.apache.org/jira/browse/GEODE-7255

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/GEODE-7255

reference_url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/7782a937c9259a58337ee36b2961f00e2d744feafc13084e176d0df5@%3Cissues.geode.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/7782a937c9259a58337ee36b2961f00e2d744feafc13084e176d0df5@%3Cissues.geode.apache.org%3E

reference_url	https://lists.apache.org/thread.html/7782a937c9259a58337ee36b2961f00e2d744feafc13084e176d0df5%40%3Cissues.geode.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/7782a937c9259a58337ee36b2961f00e2d744feafc13084e176d0df5%40%3Cissues.geode.apache.org%3E

reference_url

https://lists.apache.org/thread.html/a430dbc9be874c41314cc69e697384567a9a24025e819d9485547954@%3Cissues.geode.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/a430dbc9be874c41314cc69e697384567a9a24025e819d9485547954@%3Cissues.geode.apache.org%3E

reference_url	https://lists.apache.org/thread.html/a430dbc9be874c41314cc69e697384567a9a24025e819d9485547954%40%3Cissues.geode.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/a430dbc9be874c41314cc69e697384567a9a24025e819d9485547954%40%3Cissues.geode.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b2e23c94f9dfef53e04c492e5d02e5c75201734be7adc73a49ef2370@%3Cissues.geode.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b2e23c94f9dfef53e04c492e5d02e5c75201734be7adc73a49ef2370@%3Cissues.geode.apache.org%3E

reference_url	https://lists.apache.org/thread.html/b2e23c94f9dfef53e04c492e5d02e5c75201734be7adc73a49ef2370%40%3Cissues.geode.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/b2e23c94f9dfef53e04c492e5d02e5c75201734be7adc73a49ef2370%40%3Cissues.geode.apache.org%3E

reference_url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT

reference_url	https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
reference_id
reference_type
scores
url	https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_url

https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-16942

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-16942

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20191017-0006

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20191017-0006

reference_url	https://security.netapp.com/advisory/ntap-20191017-0006/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20191017-0006/

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1758187
reference_id	1758187
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1758187

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941530
reference_id	941530
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941530

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::linux::*
reference_id	cpe:2.3:a:netapp:active_iq_unified_manager::::::linux::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::linux::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::vmware_vsphere::*
reference_id	cpe:2.3:a:netapp:active_iq_unified_manager::::::vmware_vsphere::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::vmware_vsphere::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::windows::*
reference_id	cpe:2.3:a:netapp:active_iq_unified_manager::::::windows::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::windows::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_api_services:-:::::::*
reference_id	cpe:2.3:a:netapp:oncommand_api_services:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_api_services:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
reference_id	cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:service_level_manager:-:::::::*
reference_id	cpe:2.3:a:netapp:service_level_manager:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:service_level_manager:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
reference_id	cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.1:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.7.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.7.1:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.9.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_calendar_server:8.0.0.2.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_calendar_server:8.0.0.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_calendar_server:8.0.0.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_calendar_server:8.0.0.3.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_calendar_server:8.0.0.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_calendar_server:8.0.0.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:12.2.0.1:::::::*
reference_id	cpe:2.3:a:oracle:database_server:12.2.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:12.2.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:18c:::::::*
reference_id	cpe:2.3:a:oracle:database_server:18c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:18c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:19c:::::::*
reference_id	cpe:2.3:a:oracle:database_server:19c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:19c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:12.2.1.4.0:::::::*
reference_id	cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:12.2.1.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:12.2.1.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:13.9.4.2.2:::::::*
reference_id	cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:13.9.4.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:13.9.4.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:::::::*
reference_id	cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2:::::::*
reference_id	cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:::::::*
reference_id	cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway::::::::
reference_id	cpe:2.3:a:oracle:primavera_gateway::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:19.12.0:::::::*
reference_id	cpe:2.3:a:oracle:primavera_gateway:19.12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:19.12.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier::::::::
reference_id	cpe:2.3:a:oracle:primavera_unifier::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:19.12:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:19.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:19.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:15.0.3:::::::*
reference_id	cpe:2.3:a:oracle:retail_merchandising_system:15.0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:15.0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:16.0.2:::::::*
reference_id	cpe:2.3:a:oracle:retail_merchandising_system:16.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:16.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:16.0.3:::::::*
reference_id	cpe:2.3:a:oracle:retail_merchandising_system:16.0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:16.0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_sales_audit:14.1:::::::*
reference_id	cpe:2.3:a:oracle:retail_sales_audit:14.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_sales_audit:14.1:::::::*

100

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:siebel_engineering_-_installer_\&_deployment::::::::
reference_id	cpe:2.3:a:oracle:siebel_engineering_-_installer_\&_deployment::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:siebel_engineering_-_installer_\&_deployment::::::::

101

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:siebel_ui_framework::::::::
reference_id	cpe:2.3:a:oracle:siebel_ui_framework::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:siebel_ui_framework::::::::

102

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:siebel_ui_framework:20.6:::::::*
reference_id	cpe:2.3:a:oracle:siebel_ui_framework:20.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:siebel_ui_framework:20.6:::::::*

103

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*

104

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*
reference_id	cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*

105

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:::::::*

106

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*
reference_id	cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*

107

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*

108

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*
reference_id	cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*

109

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:::::::*

110

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:::::::*

111

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

112

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

113

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

114

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

115

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

116

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

117

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

118

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

119

reference_url

https://github.com/advisories/GHSA-mx7p-6679-8g3q

reference_id

GHSA-mx7p-6679-8g3q

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-mx7p-6679-8g3q

120

reference_url	https://access.redhat.com/errata/RHSA-2020:0895
reference_id	RHSA-2020:0895
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0895

121

reference_url	https://access.redhat.com/errata/RHSA-2020:0899
reference_id	RHSA-2020:0899
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0899

122

reference_url	https://access.redhat.com/errata/RHSA-2020:0939
reference_id	RHSA-2020:0939
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0939

123

reference_url	https://access.redhat.com/errata/RHSA-2020:1644
reference_id	RHSA-2020:1644
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1644

124

reference_url	https://access.redhat.com/errata/RHSA-2020:2067
reference_id	RHSA-2020:2067
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2067

125

reference_url	https://access.redhat.com/errata/RHSA-2020:2321
reference_id	RHSA-2020:2321
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2321

126

reference_url	https://access.redhat.com/errata/RHSA-2020:2333
reference_id	RHSA-2020:2333
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2333

127

reference_url	https://access.redhat.com/errata/RHSA-2020:3192
reference_id	RHSA-2020:3192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3192

128

reference_url	https://usn.ubuntu.com/USN-4813-1/
reference_id	USN-USN-4813-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4813-1/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.1

aliases CVE-2019-16942, GHSA-mx7p-6679-8g3q

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-avut-gmwd-jqfp

url VCID-bydt-bkf4-rbh2

vulnerability_id VCID-bydt-bkf4-rbh2

summary

jackson-databind mishandles the interaction between serialization gadgets and typing
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9546.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9546.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-9546

reference_id

reference_type

scores

value	0.02327
scoring_system	epss
scoring_elements	0.8482
published_at	2026-04-13T12:55:00Z

value	0.02327
scoring_system	epss
scoring_elements	0.84761
published_at	2026-04-02T12:55:00Z

value	0.02327
scoring_system	epss
scoring_elements	0.84746
published_at	2026-04-01T12:55:00Z

value	0.02327
scoring_system	epss
scoring_elements	0.84825
published_at	2026-04-12T12:55:00Z

value	0.02327
scoring_system	epss
scoring_elements	0.84829
published_at	2026-04-11T12:55:00Z

value	0.02327
scoring_system	epss
scoring_elements	0.8481
published_at	2026-04-09T12:55:00Z

value	0.02327
scoring_system	epss
scoring_elements	0.84804
published_at	2026-04-08T12:55:00Z

value	0.02327
scoring_system	epss
scoring_elements	0.84781
published_at	2026-04-07T12:55:00Z

value	0.02327
scoring_system	epss
scoring_elements	0.8478
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-9546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9546

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2631

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2631

reference_url

https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r35d30db00440ef63b791c4b7f7acb036e14d4a23afa2a249cb66c0fd@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18@%3Cnotifications.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18@%3Cnotifications.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9464a40d25c3ba1a55622db72f113eb494a889656962d098c70c5bb1@%3Cdev.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r98c9b6e4c9e17792e2cd1ec3e4aa20b61a791939046d3f10888176bb@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb6fecb5e96a6d61e175ff49f33f2713798dd05cf03067c169d195596@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rd5a4457be4623038c3989294429bc063eec433a2e55995d81591e2ca@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rdd49ab9565bec436a896bc00c4b9fc9dce1598e106c318524fbdfec6@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rdd4df698d5d8e635144d2994922bf0842e933809eae259521f3b5097@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rdd4df698d5d8e635144d2994922bf0842e933809eae259521f3b5097@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/03/msg00008.html

reference_url

https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-9546

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-9546

reference_url

https://security.netapp.com/advisory/ntap-20200904-0006

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200904-0006

reference_url	https://security.netapp.com/advisory/ntap-20200904-0006/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200904-0006/

reference_url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1816332
reference_id	1816332
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1816332

reference_url

https://github.com/advisories/GHSA-5p34-5m6p-p58g

reference_id

GHSA-5p34-5m6p-p58g

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-5p34-5m6p-p58g

reference_url	https://access.redhat.com/errata/RHSA-2020:1644
reference_id	RHSA-2020:1644
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1644

reference_url	https://access.redhat.com/errata/RHSA-2020:2067
reference_id	RHSA-2020:2067
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2067

reference_url	https://access.redhat.com/errata/RHSA-2020:2511
reference_id	RHSA-2020:2511
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2511

reference_url	https://access.redhat.com/errata/RHSA-2020:2512
reference_id	RHSA-2020:2512
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2512

reference_url	https://access.redhat.com/errata/RHSA-2020:2513
reference_id	RHSA-2020:2513
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2513

reference_url	https://access.redhat.com/errata/RHSA-2020:2515
reference_id	RHSA-2020:2515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2515

reference_url	https://access.redhat.com/errata/RHSA-2020:2813
reference_id	RHSA-2020:2813
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2813

reference_url	https://access.redhat.com/errata/RHSA-2020:3192
reference_id	RHSA-2020:3192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3192

reference_url	https://access.redhat.com/errata/RHSA-2020:3196
reference_id	RHSA-2020:3196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3196

reference_url	https://access.redhat.com/errata/RHSA-2020:3197
reference_id	RHSA-2020:3197
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3197

reference_url	https://access.redhat.com/errata/RHSA-2020:3779
reference_id	RHSA-2020:3779
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3779

reference_url	https://access.redhat.com/errata/RHSA-2020:4366
reference_id	RHSA-2020:4366
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4366

reference_url	https://access.redhat.com/errata/RHSA-2025:1746
reference_id	RHSA-2025:1746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1746

reference_url	https://usn.ubuntu.com/USN-4813-1/
reference_id	USN-USN-4813-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4813-1/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.7

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.7

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.6

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.6

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.4

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.4

aliases CVE-2020-9546, GHSA-5p34-5m6p-p58g

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bydt-bkf4-rbh2

url VCID-bypv-wfhs-sbe4

vulnerability_id VCID-bypv-wfhs-sbe4

summary

Polymorphic Typing issue in FasterXML jackson-databind
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10, 2.8.11.5, and 2.6.7.3. It is related to `com.zaxxer.hikari.HikariConfig`.

references

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14540.json

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14540.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14540

reference_id

reference_type

scores

value	0.07082
scoring_system	epss
scoring_elements	0.91481
published_at	2026-04-02T12:55:00Z

value	0.07082
scoring_system	epss
scoring_elements	0.91519
published_at	2026-04-13T12:55:00Z

value	0.07082
scoring_system	epss
scoring_elements	0.91522
published_at	2026-04-12T12:55:00Z

value	0.07082
scoring_system	epss
scoring_elements	0.9152
published_at	2026-04-11T12:55:00Z

value	0.07082
scoring_system	epss
scoring_elements	0.91515
published_at	2026-04-09T12:55:00Z

value	0.07082
scoring_system	epss
scoring_elements	0.91509
published_at	2026-04-08T12:55:00Z

value	0.07082
scoring_system	epss
scoring_elements	0.91495
published_at	2026-04-07T12:55:00Z

value	0.07082
scoring_system	epss
scoring_elements	0.91487
published_at	2026-04-04T12:55:00Z

value	0.07082
scoring_system	epss
scoring_elements	0.91474
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14540

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14379
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14379

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14439
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14439

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14540
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14540

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16335
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16335

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16942
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16942

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16943
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16943

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/blob/master/release-notes/VERSION-2.x

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/blob/master/release-notes/VERSION-2.x

reference_url

https://github.com/FasterXML/jackson-databind/commit/73c1c2cc76e6cdd7f3a5615cbe3207fe96e4d3db

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/73c1c2cc76e6cdd7f3a5615cbe3207fe96e4d3db

reference_url

https://github.com/FasterXML/jackson-databind/commit/d4983c740fec7d5576b207a8c30a63d3ea7443de

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/d4983c740fec7d5576b207a8c30a63d3ea7443de

reference_url

https://github.com/FasterXML/jackson-databind/issues/2410

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2410

reference_url

https://github.com/FasterXML/jackson-databind/issues/2449

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2449

reference_url

https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E

reference_url	https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69%40%3Ccommits.tinkerpop.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69%40%3Ccommits.tinkerpop.apache.org%3E

reference_url

https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E

reference_url	https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1%40%3Cissues.hbase.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1%40%3Cissues.hbase.apache.org%3E

reference_url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E

reference_url	https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016%40%3Cissues.hbase.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016%40%3Cissues.hbase.apache.org%3E

reference_url

https://lists.apache.org/thread.html/a4f2c9fb36642a48912cdec6836ec00e497427717c5d377f8d7ccce6@%3Cnotifications.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/a4f2c9fb36642a48912cdec6836ec00e497427717c5d377f8d7ccce6@%3Cnotifications.zookeeper.apache.org%3E

reference_url	https://lists.apache.org/thread.html/a4f2c9fb36642a48912cdec6836ec00e497427717c5d377f8d7ccce6%40%3Cnotifications.zookeeper.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/a4f2c9fb36642a48912cdec6836ec00e497427717c5d377f8d7ccce6%40%3Cnotifications.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E

reference_url	https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9%40%3Cissues.hbase.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9%40%3Cissues.hbase.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E

reference_url	https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E

reference_url

https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E

reference_url	https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0%40%3Cissues.hbase.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0%40%3Cissues.hbase.apache.org%3E

reference_url

https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb@%3Ccommits.hbase.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb@%3Ccommits.hbase.apache.org%3E

reference_url	https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb%40%3Ccommits.hbase.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb%40%3Ccommits.hbase.apache.org%3E

reference_url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r8aaf4ee16bbaf6204731d4770d96ebb34b258cd79b491f9cdd7f2540@%3Ccommits.nifi.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r8aaf4ee16bbaf6204731d4770d96ebb34b258cd79b491f9cdd7f2540@%3Ccommits.nifi.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8aaf4ee16bbaf6204731d4770d96ebb34b258cd79b491f9cdd7f2540%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8aaf4ee16bbaf6204731d4770d96ebb34b258cd79b491f9cdd7f2540%40%3Ccommits.nifi.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-14540

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-14540

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20191004-0002

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20191004-0002

reference_url	https://security.netapp.com/advisory/ntap-20191004-0002/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20191004-0002/

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1755849
reference_id	1755849
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1755849

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940498
reference_id	940498
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940498

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_api_services:-:::::::*
reference_id	cpe:2.3:a:netapp:oncommand_api_services:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_api_services:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
reference_id	cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
reference_id	cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.1:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.7.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.7.1:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:customer_management_and_segmentation_foundation:18.0:::::::*
reference_id	cpe:2.3:a:oracle:customer_management_and_segmentation_foundation:18.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:customer_management_and_segmentation_foundation:18.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure::::::::
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_opatch::::::::
reference_id	cpe:2.3:a:oracle:global_lifecycle_management_opatch::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_opatch::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:::::::*
reference_id	cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:goldengate_stream_analytics::::::::
reference_id	cpe:2.3:a:oracle:goldengate_stream_analytics::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:goldengate_stream_analytics::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql::::::::
reference_id	cpe:2.3:a:oracle:mysql::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:15.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_gateway:15.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:15.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:15.2.18:::::::*
reference_id	cpe:2.3:a:oracle:primavera_gateway:15.2.18:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:15.2.18:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:16.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_gateway:16.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:16.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:16.2.11:::::::*
reference_id	cpe:2.3:a:oracle:primavera_gateway:16.2.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:16.2.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:17.12:::::::*
reference_id	cpe:2.3:a:oracle:primavera_gateway:17.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:17.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:17.12.6:::::::*
reference_id	cpe:2.3:a:oracle:primavera_gateway:17.12.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:17.12.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:18.8.0:::::::*
reference_id	cpe:2.3:a:oracle:primavera_gateway:18.8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:18.8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:18.8.8.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_gateway:18.8.8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:18.8.8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier::::::::
reference_id	cpe:2.3:a:oracle:primavera_unifier::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:19.12:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:19.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:19.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:::::::*

100

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:::::::*

101

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:::::::*

102

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0:::::::*

103

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:::::::*
reference_id	cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:::::::*

104

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*

105

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:::::::*

106

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:::::::*

107

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

108

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

109

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

110

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

111

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

112

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

113

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

114

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

115

reference_url

https://github.com/advisories/GHSA-h822-r4r5-v8jg

reference_id

GHSA-h822-r4r5-v8jg

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-h822-r4r5-v8jg

116

reference_url	https://access.redhat.com/errata/RHSA-2020:0895
reference_id	RHSA-2020:0895
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0895

117

reference_url	https://access.redhat.com/errata/RHSA-2020:0899
reference_id	RHSA-2020:0899
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0899

118

reference_url	https://access.redhat.com/errata/RHSA-2020:1644
reference_id	RHSA-2020:1644
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1644

119

reference_url	https://access.redhat.com/errata/RHSA-2020:2067
reference_id	RHSA-2020:2067
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2067

120

reference_url	https://access.redhat.com/errata/RHSA-2020:2321
reference_id	RHSA-2020:2321
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2321

121

reference_url	https://access.redhat.com/errata/RHSA-2020:2333
reference_id	RHSA-2020:2333
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2333

122

reference_url	https://access.redhat.com/errata/RHSA-2020:3192
reference_id	RHSA-2020:3192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3192

123

reference_url	https://usn.ubuntu.com/USN-4813-1/
reference_id	USN-USN-4813-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4813-1/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10

aliases CVE-2019-14540, GHSA-h822-r4r5-v8jg

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bypv-wfhs-sbe4

url VCID-ceub-d4s9-dkcd

vulnerability_id VCID-ceub-d4s9-dkcd

summary

Deserialization of Untrusted Data
A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the `readValue` method of the `ObjectMapper`.

references

reference_url

https://access.redhat.com/errata/RHSA-2017:3189

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:3189

reference_url

https://access.redhat.com/errata/RHSA-2017:3190

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:3190

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:0576

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:0576

reference_url

https://access.redhat.com/errata/RHSA-2018:0577

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:0577

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:2927

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:2927

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15095.json

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15095.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15095

reference_id

reference_type

scores

value	0.08606
scoring_system	epss
scoring_elements	0.92427
published_at	2026-04-13T12:55:00Z

value	0.08606
scoring_system	epss
scoring_elements	0.92429
published_at	2026-04-12T12:55:00Z

value	0.09261
scoring_system	epss
scoring_elements	0.92697
published_at	2026-04-01T12:55:00Z

value	0.09261
scoring_system	epss
scoring_elements	0.9273
published_at	2026-04-11T12:55:00Z

value	0.09261
scoring_system	epss
scoring_elements	0.92724
published_at	2026-04-09T12:55:00Z

value	0.09261
scoring_system	epss
scoring_elements	0.9272
published_at	2026-04-08T12:55:00Z

value	0.09261
scoring_system	epss
scoring_elements	0.92709
published_at	2026-04-07T12:55:00Z

value	0.09261
scoring_system	epss
scoring_elements	0.92711
published_at	2026-04-04T12:55:00Z

value	0.09261
scoring_system	epss
scoring_elements	0.92705
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15095

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/a054585e2175ad0882f07bcafedecfac86230f1b

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/a054585e2175ad0882f07bcafedecfac86230f1b

reference_url

https://github.com/FasterXML/jackson-databind/commit/a3939d36edcc755c8af55bdc1969e0fa8438f9db

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/a3939d36edcc755c8af55bdc1969e0fa8438f9db

reference_url

https://github.com/FasterXML/jackson-databind/commit/ddfddfba6414adbecaff99684ef66eebd3a92e92

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/ddfddfba6414adbecaff99684ef66eebd3a92e92

reference_url

https://github.com/FasterXML/jackson-databind/commit/e865a7a4464da63ded9f4b1a2328ad85c9ded78b

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/e865a7a4464da63ded9f4b1a2328ad85c9ded78b

reference_url

https://github.com/FasterXML/jackson-databind/commit/e8f043d1aac9b82eee907e0f0c3abbdea723a935

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/e8f043d1aac9b82eee907e0f0c3abbdea723a935

reference_url

https://github.com/FasterXML/jackson-databind/issues/1680

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/1680

reference_url

https://github.com/FasterXML/jackson-databind/issues/1737

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/1737

reference_url

https://github.com/tolbertam/jackson-databind/commit/80566a0f96b2003863f9d8f9ccc3b562001e147b

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/tolbertam/jackson-databind/commit/80566a0f96b2003863f9d8f9ccc3b562001e147b

reference_url

https://lists.apache.org/thread.html/f095a791bda6c0595f691eddd0febb2d396987eec5cbd29120d8c629@%3Csolr-user.lucene.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/f095a791bda6c0595f691eddd0febb2d396987eec5cbd29120d8c629@%3Csolr-user.lucene.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2020/01/msg00037.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/01/msg00037.html

reference_url

https://security.netapp.com/advisory/ntap-20171214-0003

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20171214-0003

reference_url

https://web.archive.org/web/20200401000000*/http://www.securityfocus.com/bid/103880

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200401000000*/http://www.securityfocus.com/bid/103880

reference_url

https://web.archive.org/web/20201221192044/http://www.securitytracker.com/id/1039769

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20201221192044/http://www.securitytracker.com/id/1039769

reference_url

https://www.debian.org/security/2017/dsa-4037

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2017/dsa-4037

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url

http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

reference_url

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

reference_url

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

reference_url	http://www.securityfocus.com/bid/103880
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/103880

reference_url	http://www.securitytracker.com/id/1039769
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039769

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1506612
reference_id	1506612
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1506612

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-15095

reference_id

CVE-2017-15095

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-15095

reference_url

https://github.com/advisories/GHSA-h592-38cm-4ggp

reference_id

GHSA-h592-38cm-4ggp

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-h592-38cm-4ggp

reference_url	https://usn.ubuntu.com/4741-1/
reference_id	USN-4741-1
reference_type
scores
url	https://usn.ubuntu.com/4741-1/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.2

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5r6v-ej7d-ubgv

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-6zee-aqcc-vfbp

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-unwq-s63h-uuaw

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x6g1-qw1v-jbas

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-zdwv-ycey-myfc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.2

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.10

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5r6v-ej7d-ubgv

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-6zee-aqcc-vfbp

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-unwq-s63h-uuaw

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x6g1-qw1v-jbas

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-zdwv-ycey-myfc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.10

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5r6v-ej7d-ubgv

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-6zee-aqcc-vfbp

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-unwq-s63h-uuaw

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x6g1-qw1v-jbas

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-zdwv-ycey-myfc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.0.pr1

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.0.pr1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5r6v-ej7d-ubgv

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-6zee-aqcc-vfbp

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-unwq-s63h-uuaw

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-x6g1-qw1v-jbas

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-zdwv-ycey-myfc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.0.pr1

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5r6v-ej7d-ubgv

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-6zee-aqcc-vfbp

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-unwq-s63h-uuaw

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-x6g1-qw1v-jbas

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-zdwv-ycey-myfc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.1

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.4

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5r6v-ej7d-ubgv

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-6zee-aqcc-vfbp

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-x6g1-qw1v-jbas

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-zdwv-ycey-myfc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.4

aliases CVE-2017-15095, GHSA-h592-38cm-4ggp

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ceub-d4s9-dkcd

url VCID-cytp-mr4h-g3ds

vulnerability_id VCID-cytp-mr4h-g3ds

summary

Unsafe Deserialization in jackson-databind
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36184.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36184.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-36184

reference_id

reference_type

scores

value	0.0691
scoring_system	epss
scoring_elements	0.91398
published_at	2026-04-13T12:55:00Z

value	0.0691
scoring_system	epss
scoring_elements	0.91399
published_at	2026-04-12T12:55:00Z

value	0.0691
scoring_system	epss
scoring_elements	0.91396
published_at	2026-04-11T12:55:00Z

value	0.0691
scoring_system	epss
scoring_elements	0.9139
published_at	2026-04-09T12:55:00Z

value	0.0691
scoring_system	epss
scoring_elements	0.91383
published_at	2026-04-08T12:55:00Z

value	0.0691
scoring_system	epss
scoring_elements	0.91371
published_at	2026-04-07T12:55:00Z

value	0.0691
scoring_system	epss
scoring_elements	0.91364
published_at	2026-04-04T12:55:00Z

value	0.0691
scoring_system	epss
scoring_elements	0.91354
published_at	2026-04-02T12:55:00Z

value	0.0691
scoring_system	epss
scoring_elements	0.91348
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-36184

reference_url

https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:50Z/

url

https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36184
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36184

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/567194c53ae91f0a14dc27239afb739b1c10448a

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/567194c53ae91f0a14dc27239afb739b1c10448a

reference_url

https://github.com/FasterXML/jackson-databind/issues/2998

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:50Z/

url

https://github.com/FasterXML/jackson-databind/issues/2998

reference_url

https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:50Z/

url

https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html

reference_url

https://security.netapp.com/advisory/ntap-20210205-0005

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210205-0005

reference_url

https://security.netapp.com/advisory/ntap-20210205-0005/

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:50Z/

url

https://security.netapp.com/advisory/ntap-20210205-0005/

reference_url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:50Z/

url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:50Z/

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:50Z/

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:50Z/

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:50Z/

url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-25T04:00:50Z/

url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1913928
reference_id	1913928
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1913928

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-36184

reference_id

CVE-2020-36184

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-36184

reference_url

https://github.com/advisories/GHSA-m6x4-97wx-4q27

reference_id

GHSA-m6x4-97wx-4q27

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-m6x4-97wx-4q27

reference_url	https://access.redhat.com/errata/RHSA-2021:1230
reference_id	RHSA-2021:1230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1230

reference_url	https://access.redhat.com/errata/RHSA-2021:1515
reference_id	RHSA-2021:1515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1515

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8

aliases CVE-2020-36184, GHSA-m6x4-97wx-4q27

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cytp-mr4h-g3ds

url VCID-fafy-ugq3-cfbn

vulnerability_id VCID-fafy-ugq3-cfbn

summary

Server-Side Request Forgery (SSRF)
FasterXML jackson-databind might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the `axis2-jaxws` class from polymorphic deserialization.

references

reference_url

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14721.json

reference_url

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14721.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14721

reference_id

reference_type

scores

value	0.09436
scoring_system	epss
scoring_elements	0.92781
published_at	2026-04-02T12:55:00Z

value	0.09436
scoring_system	epss
scoring_elements	0.92786
published_at	2026-04-04T12:55:00Z

value	0.09436
scoring_system	epss
scoring_elements	0.92783
published_at	2026-04-07T12:55:00Z

value	0.09436
scoring_system	epss
scoring_elements	0.92792
published_at	2026-04-08T12:55:00Z

value	0.09436
scoring_system	epss
scoring_elements	0.92796
published_at	2026-04-09T12:55:00Z

value	0.09436
scoring_system	epss
scoring_elements	0.92801
published_at	2026-04-11T12:55:00Z

value	0.09436
scoring_system	epss
scoring_elements	0.928
published_at	2026-04-13T12:55:00Z

value	0.09436
scoring_system	epss
scoring_elements	0.92774
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086

reference_url

https://github.com/advisories/GHSA-9mxf-g3x6-wv74

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-9mxf-g3x6-wv74

reference_url

https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44

reference_url

https://github.com/FasterXML/jackson-databind/issues/2097

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2097

reference_url

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7

reference_url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E

reference_url	https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html

reference_url

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190530-0003

reference_url

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190530-0003

reference_url	https://security.netapp.com/advisory/ntap-20190530-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190530-0003/

reference_url

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1666428
reference_id	1666428
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1666428

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc1::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc2::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc3::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.8.0:rc1::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind:2.8.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.8.0:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.8.0:rc2::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind:2.8.0:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.8.0:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr1::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr2::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr3::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr4::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:::::::*
reference_id	cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.2:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.3:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.3.1:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.2:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.3:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.4:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.5:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:::::::*
reference_id	cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier::::::::
reference_id	cpe:2.3:a:oracle:primavera_unifier::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:16.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_merchandising_system:16.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:16.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-14721

reference_id

CVE-2018-14721

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	10.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14721

reference_url	https://access.redhat.com/errata/RHSA-2020:2564
reference_id	RHSA-2020:2564
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2564

reference_url	https://access.redhat.com/errata/RHSA-2021:1230
reference_id	RHSA-2021:1230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1230

reference_url	https://access.redhat.com/errata/RHSA-2021:1515
reference_id	RHSA-2021:1515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1515

reference_url	https://usn.ubuntu.com/USN-4813-1/
reference_id	USN-USN-4813-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4813-1/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7

aliases CVE-2018-14721, GHSA-9mxf-g3x6-wv74

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fafy-ugq3-cfbn

url VCID-g6up-yqg8-nbep

vulnerability_id VCID-g6up-yqg8-nbep

summary

Deserialization of Untrusted Data
FasterXML jackson-databind might allow remote attackers to execute arbitrary code by leveraging failure to block the `blaze-ds-opt` and `blaze-ds-core` classes from polymorphic deserialization.

references

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14719.json

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14719.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14719

reference_id

reference_type

scores

value	0.03461
scoring_system	epss
scoring_elements	0.87476
published_at	2026-04-01T12:55:00Z

value	0.03461
scoring_system	epss
scoring_elements	0.87529
published_at	2026-04-09T12:55:00Z

value	0.03461
scoring_system	epss
scoring_elements	0.875
published_at	2026-04-04T12:55:00Z

value	0.03461
scoring_system	epss
scoring_elements	0.87502
published_at	2026-04-07T12:55:00Z

value	0.03461
scoring_system	epss
scoring_elements	0.87522
published_at	2026-04-08T12:55:00Z

value	0.03461
scoring_system	epss
scoring_elements	0.8754
published_at	2026-04-11T12:55:00Z

value	0.03461
scoring_system	epss
scoring_elements	0.87535
published_at	2026-04-12T12:55:00Z

value	0.03461
scoring_system	epss
scoring_elements	0.87532
published_at	2026-04-13T12:55:00Z

value	0.03461
scoring_system	epss
scoring_elements	0.87486
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44

reference_url

https://github.com/FasterXML/jackson-databind/issues/2097

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2097

reference_url

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7

reference_url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E

reference_url	https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190530-0003

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190530-0003

reference_url	https://security.netapp.com/advisory/ntap-20190530-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190530-0003/

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1666418
reference_id	1666418
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1666418

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
reference_id	cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapcenter:-:::::::*
reference_id	cpe:2.3:a:netapp:snapcenter:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapcenter:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage::::::::
reference_id	cpe:2.3:a:netapp:steelstore_cloud_integrated_storage::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:::::::*
reference_id	cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:clusterware:12.1.0.2.0:::::::*
reference_id	cpe:2.3:a:oracle:clusterware:12.1.0.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:clusterware:12.1.0.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:::::::*
reference_id	cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:11.2.0.4:::::::*
reference_id	cpe:2.3:a:oracle:database_server:11.2.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:11.2.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:12.1.0.2:::::::*
reference_id	cpe:2.3:a:oracle:database_server:12.1.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:12.1.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:12.2.0.1:::::::*
reference_id	cpe:2.3:a:oracle:database_server:12.2.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:12.2.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:18c:::::::*
reference_id	cpe:2.3:a:oracle:database_server:18c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:18c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:19c:::::::*
reference_id	cpe:2.3:a:oracle:database_server:19c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:database_server:19c:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.2:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.3:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.3.1:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.2:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.3:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.4:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.5:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_opatch::::::::
reference_id	cpe:2.3:a:oracle:global_lifecycle_management_opatch::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_opatch::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:::::::*
reference_id	cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management::::::::
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier::::::::
reference_id	cpe:2.3:a:oracle:primavera_unifier::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:16.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_merchandising_system:16.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:16.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_workforce_management_software:1.60.9.0.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_workforce_management_software:1.60.9.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_workforce_management_software:1.60.9.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform::::::::
reference_id	cpe:2.3:a:redhat:openshift_container_platform::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

100

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-14719

reference_id

CVE-2018-14719

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14719

101

reference_url

https://github.com/advisories/GHSA-4gq5-ch57-c2mg

reference_id

GHSA-4gq5-ch57-c2mg

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-4gq5-ch57-c2mg

102

reference_url	https://access.redhat.com/errata/RHSA-2020:2564
reference_id	RHSA-2020:2564
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2564

103

reference_url	https://access.redhat.com/errata/RHSA-2021:1230
reference_id	RHSA-2021:1230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1230

104

reference_url	https://access.redhat.com/errata/RHSA-2021:1515
reference_id	RHSA-2021:1515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1515

105

reference_url	https://usn.ubuntu.com/USN-4813-1/
reference_id	USN-USN-4813-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4813-1/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7

aliases CVE-2018-14719, GHSA-4gq5-ch57-c2mg

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g6up-yqg8-nbep

url VCID-g8gt-d7gz-13e6

vulnerability_id VCID-g8gt-d7gz-13e6

summary

Deserialization of Untrusted Data
FasterXML jackson-databind might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.

references

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19360.json

reference_url

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19360.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19360

reference_id

reference_type

scores

value	0.06658
scoring_system	epss
scoring_elements	0.91214
published_at	2026-04-13T12:55:00Z

value	0.06658
scoring_system	epss
scoring_elements	0.91205
published_at	2026-04-09T12:55:00Z

value	0.06658
scoring_system	epss
scoring_elements	0.91198
published_at	2026-04-08T12:55:00Z

value	0.06658
scoring_system	epss
scoring_elements	0.91185
published_at	2026-04-07T12:55:00Z

value	0.06658
scoring_system	epss
scoring_elements	0.91178
published_at	2026-04-04T12:55:00Z

value	0.06658
scoring_system	epss
scoring_elements	0.9117
published_at	2026-04-02T12:55:00Z

value	0.06658
scoring_system	epss
scoring_elements	0.91164
published_at	2026-04-01T12:55:00Z

value	0.06658
scoring_system	epss
scoring_elements	0.91215
published_at	2026-04-12T12:55:00Z

value	0.06658
scoring_system	epss
scoring_elements	0.91212
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086

reference_url

https://github.com/advisories/GHSA-f9hv-mg5h-xcw9

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-f9hv-mg5h-xcw9

reference_url

https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b

reference_url

https://github.com/FasterXML/jackson-databind/issues/2186

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2186

reference_url

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8

reference_url

https://issues.apache.org/jira/browse/TINKERPOP-2121

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/TINKERPOP-2121

reference_url

https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E

reference_url	https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3%40%3Cdevnull.infra.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3%40%3Cdevnull.infra.apache.org%3E

reference_url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E

reference_url	https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E

reference_url

https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E

reference_url	https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c%40%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c%40%3Ccommits.pulsar.apache.org%3E

reference_url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E

reference_url	https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190530-0003

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190530-0003

reference_url	https://security.netapp.com/advisory/ntap-20190530-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190530-0003/

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-19360

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1666482
reference_id	1666482
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1666482

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:::::::*
reference_id	cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management::::::::
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier::::::::
reference_id	cpe:2.3:a:oracle:primavera_unifier::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_workforce_management_software:1.60.9.0.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_workforce_management_software:1.60.9.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_workforce_management_software:1.60.9.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:automation_manager:7.3.1:::::::*
reference_id	cpe:2.3:a:redhat:automation_manager:7.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:automation_manager:7.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:decision_manager:7.3.1:::::::*
reference_id	cpe:2.3:a:redhat:decision_manager:7.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:decision_manager:7.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_bpm_suite:6.4.11:::::::*
reference_id	cpe:2.3:a:redhat:jboss_bpm_suite:6.4.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_bpm_suite:6.4.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_brms:6.4.10:::::::*
reference_id	cpe:2.3:a:redhat:jboss_brms:6.4.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_brms:6.4.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

reference_id

CVE-2018-19360

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-19360

reference_url	https://access.redhat.com/errata/RHSA-2020:2564
reference_id	RHSA-2020:2564
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2564

reference_url	https://access.redhat.com/errata/RHSA-2021:1230
reference_id	RHSA-2021:1230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1230

reference_url	https://access.redhat.com/errata/RHSA-2021:1515
reference_id	RHSA-2021:1515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1515

reference_url	https://usn.ubuntu.com/USN-4813-1/
reference_id	USN-USN-4813-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4813-1/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8

aliases CVE-2018-19360, GHSA-f9hv-mg5h-xcw9

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g8gt-d7gz-13e6

url VCID-hwnx-vf4v-f3db

vulnerability_id VCID-hwnx-vf4v-f3db

summary

Code Injection in jackson-databind
This project contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24616.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24616.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-24616

reference_id

reference_type

scores

value	0.02676
scoring_system	epss
scoring_elements	0.85829
published_at	2026-04-13T12:55:00Z

value	0.02676
scoring_system	epss
scoring_elements	0.85833
published_at	2026-04-12T12:55:00Z

value	0.02676
scoring_system	epss
scoring_elements	0.85837
published_at	2026-04-11T12:55:00Z

value	0.02676
scoring_system	epss
scoring_elements	0.85822
published_at	2026-04-09T12:55:00Z

value	0.02676
scoring_system	epss
scoring_elements	0.85811
published_at	2026-04-08T12:55:00Z

value	0.02676
scoring_system	epss
scoring_elements	0.85768
published_at	2026-04-02T12:55:00Z

value	0.02676
scoring_system	epss
scoring_elements	0.85756
published_at	2026-04-01T12:55:00Z

value	0.02676
scoring_system	epss
scoring_elements	0.85792
published_at	2026-04-07T12:55:00Z

value	0.02676
scoring_system	epss
scoring_elements	0.85787
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-24616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24616

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/3d97153944f7de9c19c1b3637b33d3cf1fbbe4d7

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/3d97153944f7de9c19c1b3637b33d3cf1fbbe4d7

reference_url

https://github.com/FasterXML/jackson-databind/issues/2814

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2814

reference_url

https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html

reference_url

https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_url

https://security.netapp.com/advisory/ntap-20200904-0006

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200904-0006

reference_url	https://security.netapp.com/advisory/ntap-20200904-0006/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200904-0006/

reference_url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1872707
reference_id	1872707
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1872707

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-24616

reference_id

CVE-2020-24616

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-24616

reference_url

https://github.com/advisories/GHSA-h3cw-g4mq-c5x2

reference_id

GHSA-h3cw-g4mq-c5x2

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-h3cw-g4mq-c5x2

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.6

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.6

aliases CVE-2020-24616, GHSA-h3cw-g4mq-c5x2

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hwnx-vf4v-f3db

url VCID-jcgb-bewy-4kff

vulnerability_id VCID-jcgb-bewy-4kff

summary

Unsafe Deserialization in jackson-databind
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource`.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36185.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36185.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-36185

reference_id

reference_type

scores

value	0.02715
scoring_system	epss
scoring_elements	0.85922
published_at	2026-04-13T12:55:00Z

value	0.02715
scoring_system	epss
scoring_elements	0.85928
published_at	2026-04-12T12:55:00Z

value	0.02715
scoring_system	epss
scoring_elements	0.85931
published_at	2026-04-11T12:55:00Z

value	0.02715
scoring_system	epss
scoring_elements	0.85916
published_at	2026-04-09T12:55:00Z

value	0.02715
scoring_system	epss
scoring_elements	0.85906
published_at	2026-04-08T12:55:00Z

value	0.02715
scoring_system	epss
scoring_elements	0.85888
published_at	2026-04-07T12:55:00Z

value	0.02715
scoring_system	epss
scoring_elements	0.85884
published_at	2026-04-04T12:55:00Z

value	0.02715
scoring_system	epss
scoring_elements	0.85855
published_at	2026-04-01T12:55:00Z

value	0.02715
scoring_system	epss
scoring_elements	0.85867
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-36185

reference_url

https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36185
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36185

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/567194c53ae91f0a14dc27239afb739b1c10448a

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/567194c53ae91f0a14dc27239afb739b1c10448a

reference_url

https://github.com/FasterXML/jackson-databind/issues/2998

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2998

reference_url

https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html

reference_url

https://security.netapp.com/advisory/ntap-20210205-0005

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210205-0005

reference_url	https://security.netapp.com/advisory/ntap-20210205-0005/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20210205-0005/

reference_url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1913929
reference_id	1913929
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1913929

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-36185

reference_id

CVE-2020-36185

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-36185

reference_url

https://github.com/advisories/GHSA-8w26-6f25-cm9x

reference_id

GHSA-8w26-6f25-cm9x

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-8w26-6f25-cm9x

reference_url	https://access.redhat.com/errata/RHSA-2021:1230
reference_id	RHSA-2021:1230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1230

reference_url	https://access.redhat.com/errata/RHSA-2021:1515
reference_id	RHSA-2021:1515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1515

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8

aliases CVE-2020-36185, GHSA-8w26-6f25-cm9x

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jcgb-bewy-4kff

url VCID-jx9y-fyfm-bqdr

vulnerability_id VCID-jx9y-fyfm-bqdr

summary

Polymorphic Typing issue in FasterXML jackson-databind
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10, 2.8.11.5, and 2.6.7.3. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.

references

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16335.json

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16335.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-16335

reference_id

reference_type

scores

value	0.00651
scoring_system	epss
scoring_elements	0.70857
published_at	2026-04-09T12:55:00Z

value	0.00651
scoring_system	epss
scoring_elements	0.7088
published_at	2026-04-11T12:55:00Z

value	0.00651
scoring_system	epss
scoring_elements	0.70864
published_at	2026-04-12T12:55:00Z

value	0.00651
scoring_system	epss
scoring_elements	0.70804
published_at	2026-04-02T12:55:00Z

value	0.00651
scoring_system	epss
scoring_elements	0.70849
published_at	2026-04-13T12:55:00Z

value	0.00651
scoring_system	epss
scoring_elements	0.7079
published_at	2026-04-01T12:55:00Z

value	0.00651
scoring_system	epss
scoring_elements	0.70823
published_at	2026-04-04T12:55:00Z

value	0.00651
scoring_system	epss
scoring_elements	0.70798
published_at	2026-04-07T12:55:00Z

value	0.00651
scoring_system	epss
scoring_elements	0.70841
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-16335

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14379
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14379

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14439
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14439

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14540
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14540

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16335
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16335

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16942
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16942

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16943
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16943

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/73c1c2cc76e6cdd7f3a5615cbe3207fe96e4d3db

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/73c1c2cc76e6cdd7f3a5615cbe3207fe96e4d3db

reference_url

https://github.com/FasterXML/jackson-databind/issues/2449

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2449

reference_url

https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E

reference_url	https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69%40%3Ccommits.tinkerpop.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69%40%3Ccommits.tinkerpop.apache.org%3E

reference_url

https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E

reference_url	https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1%40%3Cissues.hbase.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1%40%3Cissues.hbase.apache.org%3E

reference_url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E

reference_url	https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016%40%3Cissues.hbase.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016%40%3Cissues.hbase.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E

reference_url	https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9%40%3Cissues.hbase.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9%40%3Cissues.hbase.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E

reference_url	https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E

reference_url

https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E

reference_url	https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0%40%3Cissues.hbase.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0%40%3Cissues.hbase.apache.org%3E

reference_url

https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb@%3Ccommits.hbase.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb@%3Ccommits.hbase.apache.org%3E

reference_url	https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb%40%3Ccommits.hbase.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb%40%3Ccommits.hbase.apache.org%3E

reference_url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-16335

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-16335

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20191004-0002

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20191004-0002

reference_url	https://security.netapp.com/advisory/ntap-20191004-0002/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20191004-0002/

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1755831
reference_id	1755831
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1755831

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940498
reference_id	940498
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940498

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_api_services:-:::::::*
reference_id	cpe:2.3:a:netapp:oncommand_api_services:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_api_services:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
reference_id	cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
reference_id	cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.1:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.7.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.7.1:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:customer_management_and_segmentation_foundation:18.0:::::::*
reference_id	cpe:2.3:a:oracle:customer_management_and_segmentation_foundation:18.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:customer_management_and_segmentation_foundation:18.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure::::::::
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_opatch::::::::
reference_id	cpe:2.3:a:oracle:global_lifecycle_management_opatch::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:global_lifecycle_management_opatch::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:::::::*
reference_id	cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:goldengate_stream_analytics::::::::
reference_id	cpe:2.3:a:oracle:goldengate_stream_analytics::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:goldengate_stream_analytics::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway::::::::
reference_id	cpe:2.3:a:oracle:primavera_gateway::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:15.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_gateway:15.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:15.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:16.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_gateway:16.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:16.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:16.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_gateway:16.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:16.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:18.8.0:::::::*
reference_id	cpe:2.3:a:oracle:primavera_gateway:18.8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_gateway:18.8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:::::::*
reference_id	cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

100

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

101

reference_url

https://github.com/advisories/GHSA-85cw-hj65-qqv9

reference_id

GHSA-85cw-hj65-qqv9

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-85cw-hj65-qqv9

102

reference_url	https://access.redhat.com/errata/RHSA-2020:0895
reference_id	RHSA-2020:0895
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0895

103

reference_url	https://access.redhat.com/errata/RHSA-2020:0899
reference_id	RHSA-2020:0899
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0899

104

reference_url	https://access.redhat.com/errata/RHSA-2020:1644
reference_id	RHSA-2020:1644
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1644

105

reference_url	https://access.redhat.com/errata/RHSA-2020:2067
reference_id	RHSA-2020:2067
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2067

106

reference_url	https://access.redhat.com/errata/RHSA-2020:2333
reference_id	RHSA-2020:2333
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2333

107

reference_url	https://access.redhat.com/errata/RHSA-2020:3192
reference_id	RHSA-2020:3192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3192

108

reference_url	https://usn.ubuntu.com/USN-4813-1/
reference_id	USN-USN-4813-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4813-1/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10

aliases CVE-2019-16335, GHSA-85cw-hj65-qqv9

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jx9y-fyfm-bqdr

url VCID-m7jp-7n22-4qg8

vulnerability_id VCID-m7jp-7n22-4qg8

summary

Deserialization of Untrusted Data
FasterXML jackson-databind might allow attackers to have unspecified impact by leveraging failure to block the `openjpa` class from polymorphic deserialization.

references

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19361.json

reference_url

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19361.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19361

reference_id

reference_type

scores

value	0.02435
scoring_system	epss
scoring_elements	0.85163
published_at	2026-04-13T12:55:00Z

value	0.02435
scoring_system	epss
scoring_elements	0.85155
published_at	2026-04-09T12:55:00Z

value	0.02435
scoring_system	epss
scoring_elements	0.85147
published_at	2026-04-08T12:55:00Z

value	0.02435
scoring_system	epss
scoring_elements	0.85126
published_at	2026-04-07T12:55:00Z

value	0.02435
scoring_system	epss
scoring_elements	0.85122
published_at	2026-04-04T12:55:00Z

value	0.02435
scoring_system	epss
scoring_elements	0.85105
published_at	2026-04-02T12:55:00Z

value	0.02435
scoring_system	epss
scoring_elements	0.85092
published_at	2026-04-01T12:55:00Z

value	0.02435
scoring_system	epss
scoring_elements	0.85167
published_at	2026-04-12T12:55:00Z

value	0.02435
scoring_system	epss
scoring_elements	0.85169
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086

reference_url

https://github.com/advisories/GHSA-mx9v-gmh4-mgqw

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-mx9v-gmh4-mgqw

reference_url

https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b

reference_url

https://github.com/FasterXML/jackson-databind/issues/2186

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2186

reference_url

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8

reference_url

https://issues.apache.org/jira/browse/TINKERPOP-2121

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/TINKERPOP-2121

reference_url

https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E

reference_url	https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3%40%3Cdevnull.infra.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3%40%3Cdevnull.infra.apache.org%3E

reference_url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E

reference_url	https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E

reference_url

https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E

reference_url	https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c%40%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c%40%3Ccommits.pulsar.apache.org%3E

reference_url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E

reference_url	https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190530-0003

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190530-0003

reference_url	https://security.netapp.com/advisory/ntap-20190530-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190530-0003/

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-19361

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1666484
reference_id	1666484
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1666484

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:::::::*
reference_id	cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management::::::::
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:::::::*
reference_id	cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier::::::::
reference_id	cpe:2.3:a:oracle:primavera_unifier::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_workforce_management_software:1.60.9.0.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_workforce_management_software:1.60.9.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_workforce_management_software:1.60.9.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:automation_manager:7.3.1:::::::*
reference_id	cpe:2.3:a:redhat:automation_manager:7.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:automation_manager:7.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:decision_manager:7.3.1:::::::*
reference_id	cpe:2.3:a:redhat:decision_manager:7.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:decision_manager:7.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_bpm_suite:6.4.11:::::::*
reference_id	cpe:2.3:a:redhat:jboss_bpm_suite:6.4.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_bpm_suite:6.4.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_brms:6.4.10:::::::*
reference_id	cpe:2.3:a:redhat:jboss_brms:6.4.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_brms:6.4.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

reference_id

CVE-2018-19361

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-19361

reference_url	https://access.redhat.com/errata/RHSA-2020:2564
reference_id	RHSA-2020:2564
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2564

reference_url	https://access.redhat.com/errata/RHSA-2021:1230
reference_id	RHSA-2021:1230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1230

reference_url	https://access.redhat.com/errata/RHSA-2021:1515
reference_id	RHSA-2021:1515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1515

reference_url	https://usn.ubuntu.com/USN-4813-1/
reference_id	USN-USN-4813-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4813-1/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8

aliases CVE-2018-19361, GHSA-mx9v-gmh4-mgqw

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m7jp-7n22-4qg8

url VCID-svkb-adja-qfef

vulnerability_id VCID-svkb-adja-qfef

summary

Improper Input Validation in jackson-databind
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10 and 2.8.11.5. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.

references

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17267.json

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17267.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-17267

reference_id

reference_type

scores

value	0.01195
scoring_system	epss
scoring_elements	0.78824
published_at	2026-04-01T12:55:00Z

value	0.01195
scoring_system	epss
scoring_elements	0.7883
published_at	2026-04-02T12:55:00Z

value	0.01195
scoring_system	epss
scoring_elements	0.78859
published_at	2026-04-04T12:55:00Z

value	0.01195
scoring_system	epss
scoring_elements	0.78842
published_at	2026-04-07T12:55:00Z

value	0.01195
scoring_system	epss
scoring_elements	0.78867
published_at	2026-04-08T12:55:00Z

value	0.01195
scoring_system	epss
scoring_elements	0.78873
published_at	2026-04-09T12:55:00Z

value	0.01195
scoring_system	epss
scoring_elements	0.78897
published_at	2026-04-11T12:55:00Z

value	0.01195
scoring_system	epss
scoring_elements	0.78881
published_at	2026-04-12T12:55:00Z

value	0.01195
scoring_system	epss
scoring_elements	0.78871
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-17267

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17267
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17267

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/191a4cdf87b56d2ddddb77edd895ee756b7f75eb

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/191a4cdf87b56d2ddddb77edd895ee756b7f75eb

reference_url

https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.3...jackson-databind-2.9.10

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.3...jackson-databind-2.9.10

reference_url

https://github.com/FasterXML/jackson-databind/issues/2460

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2460

reference_url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f%40%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f%40%3Ccommits.druid.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9d727fc681fb3828794acbefcaee31393742b4d73a29461ccd9597a8@%3Cdev.skywalking.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9d727fc681fb3828794acbefcaee31393742b4d73a29461ccd9597a8@%3Cdev.skywalking.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9d727fc681fb3828794acbefcaee31393742b4d73a29461ccd9597a8%40%3Cdev.skywalking.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9d727fc681fb3828794acbefcaee31393742b4d73a29461ccd9597a8%40%3Cdev.skywalking.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-17267

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-17267

reference_url

https://security.netapp.com/advisory/ntap-20191017-0006

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20191017-0006

reference_url	https://security.netapp.com/advisory/ntap-20191017-0006/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20191017-0006/

reference_url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1758167
reference_id	1758167
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1758167

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::linux::*
reference_id	cpe:2.3:a:netapp:active_iq_unified_manager::::::linux::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::linux::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::vmware_vsphere::*
reference_id	cpe:2.3:a:netapp:active_iq_unified_manager::::::vmware_vsphere::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::vmware_vsphere::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::windows::*
reference_id	cpe:2.3:a:netapp:active_iq_unified_manager::::::windows::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::windows::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_api_services:-:::::::*
reference_id	cpe:2.3:a:netapp:oncommand_api_services:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_api_services:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
reference_id	cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:service_level_manager:-:::::::*
reference_id	cpe:2.3:a:netapp:service_level_manager:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:service_level_manager:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
reference_id	cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:customer_management_and_segmentation_foundation::::::::
reference_id	cpe:2.3:a:oracle:customer_management_and_segmentation_foundation::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:customer_management_and_segmentation_foundation::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:::::::*
reference_id	cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

reference_url

https://github.com/advisories/GHSA-f3j5-rmmp-3fc5

reference_id

GHSA-f3j5-rmmp-3fc5

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-f3j5-rmmp-3fc5

reference_url	https://access.redhat.com/errata/RHSA-2020:0895
reference_id	RHSA-2020:0895
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0895

reference_url	https://access.redhat.com/errata/RHSA-2020:0899
reference_id	RHSA-2020:0899
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0899

reference_url	https://access.redhat.com/errata/RHSA-2020:2067
reference_id	RHSA-2020:2067
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2067

reference_url	https://access.redhat.com/errata/RHSA-2020:2321
reference_id	RHSA-2020:2321
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2321

reference_url	https://access.redhat.com/errata/RHSA-2020:2333
reference_id	RHSA-2020:2333
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2333

reference_url	https://access.redhat.com/errata/RHSA-2020:3192
reference_id	RHSA-2020:3192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3192

reference_url	https://usn.ubuntu.com/USN-4813-1/
reference_id	USN-USN-4813-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4813-1/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10

aliases CVE-2019-17267, GHSA-f3j5-rmmp-3fc5

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-svkb-adja-qfef

url VCID-sw29-epz3-g7ep

vulnerability_id VCID-sw29-epz3-g7ep

summary

Improper Restriction of XML External Entity Reference
FasterXML jackson-databind might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.

references

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14720.json

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14720.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14720

reference_id

reference_type

scores

value	0.03348
scoring_system	epss
scoring_elements	0.87316
published_at	2026-04-13T12:55:00Z

value	0.03348
scoring_system	epss
scoring_elements	0.87263
published_at	2026-04-01T12:55:00Z

value	0.03348
scoring_system	epss
scoring_elements	0.87273
published_at	2026-04-02T12:55:00Z

value	0.03348
scoring_system	epss
scoring_elements	0.87289
published_at	2026-04-04T12:55:00Z

value	0.03348
scoring_system	epss
scoring_elements	0.87287
published_at	2026-04-07T12:55:00Z

value	0.03348
scoring_system	epss
scoring_elements	0.87306
published_at	2026-04-08T12:55:00Z

value	0.03348
scoring_system	epss
scoring_elements	0.87314
published_at	2026-04-09T12:55:00Z

value	0.03348
scoring_system	epss
scoring_elements	0.87326
published_at	2026-04-11T12:55:00Z

value	0.03348
scoring_system	epss
scoring_elements	0.8732
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14720

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086

reference_url

https://github.com/advisories/GHSA-x2w5-5m2g-7h5m

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-x2w5-5m2g-7h5m

reference_url

https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44

reference_url

https://github.com/FasterXML/jackson-databind/issues/2097

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2097

reference_url

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7

reference_url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E

reference_url	https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286%40%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286%40%3Cdev.lucene.apache.org%3E

reference_url

https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E

reference_url	https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f%40%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f%40%3Cdev.lucene.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E

reference_url	https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df%40%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df%40%3Cdev.lucene.apache.org%3E

reference_url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E

reference_url	https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190530-0003

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190530-0003

reference_url	https://security.netapp.com/advisory/ntap-20190530-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190530-0003/

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1666423
reference_id	1666423
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1666423

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc1::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc2::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc3::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.8.0:rc1::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind:2.8.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.8.0:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.8.0:rc2::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind:2.8.0:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.8.0:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr1::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr2::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr3::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr4::::::
reference_id	cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*
reference_id	cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:::::::*
reference_id	cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.2:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.3:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.3.1:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.2:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.3:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.4:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.5:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:::::::*
reference_id	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:::::::*
reference_id	cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier::::::::
reference_id	cpe:2.3:a:oracle:primavera_unifier::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*
reference_id	cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:16.0:::::::*
reference_id	cpe:2.3:a:oracle:retail_merchandising_system:16.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_merchandising_system:16.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*
reference_id	cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-14720

reference_id

CVE-2018-14720

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-14720

reference_url	https://access.redhat.com/errata/RHSA-2020:2564
reference_id	RHSA-2020:2564
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2564

reference_url	https://access.redhat.com/errata/RHSA-2021:1230
reference_id	RHSA-2021:1230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1230

reference_url	https://access.redhat.com/errata/RHSA-2021:1515
reference_id	RHSA-2021:1515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1515

reference_url	https://usn.ubuntu.com/USN-4813-1/
reference_id	USN-USN-4813-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4813-1/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.3

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2ev8-r6cx-a3an

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5r6v-ej7d-ubgv

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-6zee-aqcc-vfbp

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-unwq-s63h-uuaw

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-zdwv-ycey-myfc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.3

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7

aliases CVE-2018-14720, GHSA-x2w5-5m2g-7h5m

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sw29-epz3-g7ep

url VCID-swqd-uk56-wkat

vulnerability_id VCID-swqd-uk56-wkat

summary

Serialization gadgets exploit in jackson-databind
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35491.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35491.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-35491

reference_id

reference_type

scores

value	0.05713
scoring_system	epss
scoring_elements	0.90426
published_at	2026-04-13T12:55:00Z

value	0.05713
scoring_system	epss
scoring_elements	0.90433
published_at	2026-04-12T12:55:00Z

value	0.05713
scoring_system	epss
scoring_elements	0.90425
published_at	2026-04-09T12:55:00Z

value	0.05713
scoring_system	epss
scoring_elements	0.90419
published_at	2026-04-08T12:55:00Z

value	0.05713
scoring_system	epss
scoring_elements	0.90405
published_at	2026-04-07T12:55:00Z

value	0.05713
scoring_system	epss
scoring_elements	0.90401
published_at	2026-04-04T12:55:00Z

value	0.05713
scoring_system	epss
scoring_elements	0.90386
published_at	2026-04-01T12:55:00Z

value	0.05713
scoring_system	epss
scoring_elements	0.90388
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-35491

reference_url

https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35491
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35491

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/41b8bdb5ccc1d8edb71acf1c8234da235a24249d

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/41b8bdb5ccc1d8edb71acf1c8234da235a24249d

reference_url

https://github.com/FasterXML/jackson-databind/issues/2986

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2986

reference_url

https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-35491

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-35491

reference_url

https://security.netapp.com/advisory/ntap-20210122-0005

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210122-0005

reference_url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1909269
reference_id	1909269
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1909269

reference_url

https://github.com/advisories/GHSA-r3gr-cxrf-hg25

reference_id

GHSA-r3gr-cxrf-hg25

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-r3gr-cxrf-hg25

reference_url	https://access.redhat.com/errata/RHSA-2021:1230
reference_id	RHSA-2021:1230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1230

reference_url	https://access.redhat.com/errata/RHSA-2021:1515
reference_id	RHSA-2021:1515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1515

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8

aliases CVE-2020-35491, GHSA-r3gr-cxrf-hg25

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-swqd-uk56-wkat

url VCID-tm7y-tnx3-43dq

vulnerability_id VCID-tm7y-tnx3-43dq

summary

Polymorphic deserialization of malicious object in jackson-databind
A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.

references

reference_url

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14893.json

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14893.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14893

reference_id

reference_type

scores

value	0.00956
scoring_system	epss
scoring_elements	0.76435
published_at	2026-04-13T12:55:00Z

value	0.00956
scoring_system	epss
scoring_elements	0.76377
published_at	2026-04-01T12:55:00Z

value	0.00956
scoring_system	epss
scoring_elements	0.7638
published_at	2026-04-02T12:55:00Z

value	0.00956
scoring_system	epss
scoring_elements	0.76409
published_at	2026-04-04T12:55:00Z

value	0.00956
scoring_system	epss
scoring_elements	0.76391
published_at	2026-04-07T12:55:00Z

value	0.00956
scoring_system	epss
scoring_elements	0.76423
published_at	2026-04-08T12:55:00Z

value	0.00956
scoring_system	epss
scoring_elements	0.76437
published_at	2026-04-09T12:55:00Z

value	0.00956
scoring_system	epss
scoring_elements	0.76462
published_at	2026-04-11T12:55:00Z

value	0.00956
scoring_system	epss
scoring_elements	0.7644
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14893

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14893

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14893

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14893
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14893

reference_url

https://github.com/FasterXML/jackson-databind/commit/998efd708284778f29d83d7962a9bd935c228317

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/998efd708284778f29d83d7962a9bd935c228317

reference_url

https://github.com/FasterXML/jackson-databind/issues/2469

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2469

reference_url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-14893

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-14893

reference_url

https://security.netapp.com/advisory/ntap-20200327-0006

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200327-0006

reference_url	https://security.netapp.com/advisory/ntap-20200327-0006/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200327-0006/

reference_url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1758182
reference_id	1758182
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1758182

reference_url

https://github.com/advisories/GHSA-qmqc-x3r4-6v39

reference_id

GHSA-qmqc-x3r4-6v39

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-qmqc-x3r4-6v39

reference_url	https://access.redhat.com/errata/RHSA-2020:0895
reference_id	RHSA-2020:0895
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0895

reference_url	https://access.redhat.com/errata/RHSA-2020:0899
reference_id	RHSA-2020:0899
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0899

reference_url	https://access.redhat.com/errata/RHSA-2020:2067
reference_id	RHSA-2020:2067
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2067

reference_url	https://access.redhat.com/errata/RHSA-2020:2333
reference_id	RHSA-2020:2333
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2333

reference_url	https://access.redhat.com/errata/RHSA-2020:3192
reference_id	RHSA-2020:3192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3192

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10

aliases CVE-2019-14893, GHSA-qmqc-x3r4-6v39

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tm7y-tnx3-43dq

url VCID-u87p-2xgz-e3fj

vulnerability_id VCID-u87p-2xgz-e3fj

summary

Unsafe Deserialization in jackson-databind
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36187.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36187.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-36187

reference_id

reference_type

scores

value	0.02147
scoring_system	epss
scoring_elements	0.84229
published_at	2026-04-13T12:55:00Z

value	0.02147
scoring_system	epss
scoring_elements	0.84232
published_at	2026-04-12T12:55:00Z

value	0.02147
scoring_system	epss
scoring_elements	0.84238
published_at	2026-04-11T12:55:00Z

value	0.02147
scoring_system	epss
scoring_elements	0.8422
published_at	2026-04-09T12:55:00Z

value	0.02147
scoring_system	epss
scoring_elements	0.84214
published_at	2026-04-08T12:55:00Z

value	0.02147
scoring_system	epss
scoring_elements	0.84192
published_at	2026-04-07T12:55:00Z

value	0.02147
scoring_system	epss
scoring_elements	0.84191
published_at	2026-04-04T12:55:00Z

value	0.02147
scoring_system	epss
scoring_elements	0.8416
published_at	2026-04-01T12:55:00Z

value	0.02147
scoring_system	epss
scoring_elements	0.84173
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-36187

reference_url

https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36187
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36187

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/3e8fa3beea49ea62109df9e643c9cb678dabdde1

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/3e8fa3beea49ea62109df9e643c9cb678dabdde1

reference_url

https://github.com/FasterXML/jackson-databind/issues/2997

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2997

reference_url

https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-36187

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-36187

reference_url

https://security.netapp.com/advisory/ntap-20210205-0005

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210205-0005

reference_url	https://security.netapp.com/advisory/ntap-20210205-0005/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20210205-0005/

reference_url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1913933
reference_id	1913933
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1913933

reference_url

https://github.com/advisories/GHSA-r695-7vr9-jgc2

reference_id

GHSA-r695-7vr9-jgc2

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-r695-7vr9-jgc2

reference_url	https://access.redhat.com/errata/RHSA-2021:1230
reference_id	RHSA-2021:1230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1230

reference_url	https://access.redhat.com/errata/RHSA-2021:1515
reference_id	RHSA-2021:1515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1515

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8

aliases CVE-2020-36187, GHSA-r695-7vr9-jgc2

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u87p-2xgz-e3fj

url VCID-ukwd-7rkh-sfhj

vulnerability_id VCID-ukwd-7rkh-sfhj

summary

Deserialization of Untrusted Data
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35728.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35728.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-35728

reference_id

reference_type

scores

value	0.39669
scoring_system	epss
scoring_elements	0.97296
published_at	2026-04-02T12:55:00Z

value	0.39669
scoring_system	epss
scoring_elements	0.973
published_at	2026-04-04T12:55:00Z

value	0.40254
scoring_system	epss
scoring_elements	0.97322
published_at	2026-04-01T12:55:00Z

value	0.40547
scoring_system	epss
scoring_elements	0.97355
published_at	2026-04-12T12:55:00Z

value	0.40547
scoring_system	epss
scoring_elements	0.97352
published_at	2026-04-09T12:55:00Z

value	0.40547
scoring_system	epss
scoring_elements	0.97356
published_at	2026-04-13T12:55:00Z

value	0.40547
scoring_system	epss
scoring_elements	0.97351
published_at	2026-04-08T12:55:00Z

value	0.40547
scoring_system	epss
scoring_elements	0.97345
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-35728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35728

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/1ca0388c2fb37ac6a06f1c188ae89c41e3e15e84

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/1ca0388c2fb37ac6a06f1c188ae89c41e3e15e84

reference_url

https://github.com/FasterXML/jackson-databind/issues/2999

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-27T20:33:41Z/

url

https://github.com/FasterXML/jackson-databind/issues/2999

reference_url

https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-27T20:33:41Z/

url

https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html

reference_url

https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_url

https://security.netapp.com/advisory/ntap-20210129-0007

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210129-0007

reference_url

https://security.netapp.com/advisory/ntap-20210129-0007/

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-27T20:33:41Z/

url

https://security.netapp.com/advisory/ntap-20210129-0007/

reference_url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-27T20:33:41Z/

url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-27T20:33:41Z/

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-27T20:33:41Z/

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-27T20:33:41Z/

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-27T20:33:41Z/

url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-27T20:33:41Z/

url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1911502
reference_id	1911502
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1911502

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-35728

reference_id

CVE-2020-35728

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-35728

reference_url

https://github.com/advisories/GHSA-5r5r-6hpj-8gg9

reference_id

GHSA-5r5r-6hpj-8gg9

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-5r5r-6hpj-8gg9

reference_url	https://access.redhat.com/errata/RHSA-2021:1230
reference_id	RHSA-2021:1230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1230

reference_url	https://access.redhat.com/errata/RHSA-2021:1515
reference_id	RHSA-2021:1515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1515

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8

aliases CVE-2020-35728, GHSA-5r5r-6hpj-8gg9

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ukwd-7rkh-sfhj

url VCID-unwq-s63h-uuaw

vulnerability_id VCID-unwq-s63h-uuaw

summary FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets that bypass a blacklist.

references

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:1525

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:1525

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5968.json

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5968.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5968

reference_id

reference_type

scores

value	0.01965
scoring_system	epss
scoring_elements	0.8352
published_at	2026-04-13T12:55:00Z

value	0.01965
scoring_system	epss
scoring_elements	0.83455
published_at	2026-04-01T12:55:00Z

value	0.01965
scoring_system	epss
scoring_elements	0.83468
published_at	2026-04-02T12:55:00Z

value	0.01965
scoring_system	epss
scoring_elements	0.83482
published_at	2026-04-04T12:55:00Z

value	0.01965
scoring_system	epss
scoring_elements	0.83481
published_at	2026-04-07T12:55:00Z

value	0.01965
scoring_system	epss
scoring_elements	0.83505
published_at	2026-04-08T12:55:00Z

value	0.01965
scoring_system	epss
scoring_elements	0.83515
published_at	2026-04-09T12:55:00Z

value	0.01965
scoring_system	epss
scoring_elements	0.83529
published_at	2026-04-11T12:55:00Z

value	0.01965
scoring_system	epss
scoring_elements	0.83523
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5968

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17485
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17485

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5968
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5968

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/038b471e2efde2e8f96b4e0be958d3e5a1ff1d0

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/038b471e2efde2e8f96b4e0be958d3e5a1ff1d0

reference_url

https://github.com/FasterXML/jackson-databind/commit/03ea0bec6293d4330b5ad19d1d62aca0e3cb6381

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/03ea0bec6293d4330b5ad19d1d62aca0e3cb6381

reference_url

https://github.com/FasterXML/jackson-databind/commit/454be8bb8c913be18298327a84ca45a280b61605

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/454be8bb8c913be18298327a84ca45a280b61605

reference_url

https://github.com/FasterXML/jackson-databind/issues/1899

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/1899

reference_url

https://github.com/GulajavaMinistudio/jackson-databind/pull/92/commits/038b471e2efde2e8f96b4e0be958d3e5a1ff1d05

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/GulajavaMinistudio/jackson-databind/pull/92/commits/038b471e2efde2e8f96b4e0be958d3e5a1ff1d05

reference_url

https://security.netapp.com/advisory/ntap-20180423-0002

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20180423-0002

reference_url	https://security.netapp.com/advisory/ntap-20180423-0002/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20180423-0002/

reference_url

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us

reference_url

https://www.debian.org/security/2018/dsa-4114

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2018/dsa-4114

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1538332
reference_id	1538332
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1538332

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888316
reference_id	888316
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888316

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5968

reference_id

CVE-2018-5968

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5968

reference_url

https://github.com/advisories/GHSA-w3f4-3q6j-rh82

reference_id

GHSA-w3f4-3q6j-rh82

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-w3f4-3q6j-rh82

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2ev8-r6cx-a3an

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5r6v-ej7d-ubgv

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-6zee-aqcc-vfbp

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-zdwv-ycey-myfc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.1

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.4

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5r6v-ej7d-ubgv

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-6zee-aqcc-vfbp

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-x6g1-qw1v-jbas

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-zdwv-ycey-myfc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.4

aliases CVE-2018-5968, GHSA-w3f4-3q6j-rh82

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-unwq-s63h-uuaw

url VCID-v2pq-1qhm-4qb9

vulnerability_id VCID-v2pq-1qhm-4qb9

summary Multiple vulnerabilities have been found in FasterXML jackson-databind, the worst of which could result in denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42004.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42004.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-42004

reference_id

reference_type

scores

value	0.00273
scoring_system	epss
scoring_elements	0.50735
published_at	2026-04-12T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50758
published_at	2026-04-11T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50716
published_at	2026-04-09T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50719
published_at	2026-04-13T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50664
published_at	2026-04-07T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50683
published_at	2026-04-02T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50708
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-42004

reference_url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50490

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50490

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42003
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42003

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42004
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42004

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/063183589218fec19a9293ed2f17ec53ea80ba88

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/063183589218fec19a9293ed2f17ec53ea80ba88

reference_url

https://github.com/FasterXML/jackson-databind/commit/35de19e7144c4df8ab178b800ba86e80c3d84252

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/35de19e7144c4df8ab178b800ba86e80c3d84252

reference_url

https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/cd090979b7ea78c75e4de8a4aed04f7e9fa8deea

reference_url

https://github.com/FasterXML/jackson-databind/issues/3582

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/3582

reference_url

https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-42004

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-42004

reference_url

https://security.netapp.com/advisory/ntap-20221118-0008

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20221118-0008

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-rgv9-q543-rqg4

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2135247
reference_id	2135247
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2135247

reference_url

reference_id

GHSA-rgv9-q543-rqg4

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-rgv9-q543-rqg4

reference_url

reference_id

GLSA-202210-21

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36518.json

reference_url	https://access.redhat.com/errata/RHSA-2022:7435
reference_id	RHSA-2022:7435
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7435

reference_url	https://access.redhat.com/errata/RHSA-2022:8781
reference_id	RHSA-2022:8781
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8781

reference_url	https://access.redhat.com/errata/RHSA-2022:8876
reference_id	RHSA-2022:8876
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8876

reference_url	https://access.redhat.com/errata/RHSA-2022:8889
reference_id	RHSA-2022:8889
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8889

reference_url	https://access.redhat.com/errata/RHSA-2022:9023
reference_id	RHSA-2022:9023
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:9023

reference_url	https://access.redhat.com/errata/RHSA-2022:9032
reference_id	RHSA-2022:9032
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:9032

reference_url	https://access.redhat.com/errata/RHSA-2023:0189
reference_id	RHSA-2023:0189
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0189

reference_url	https://access.redhat.com/errata/RHSA-2023:0264
reference_id	RHSA-2023:0264
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0264

reference_url	https://access.redhat.com/errata/RHSA-2023:0469
reference_id	RHSA-2023:0469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0469

reference_url	https://access.redhat.com/errata/RHSA-2023:0471
reference_id	RHSA-2023:0471
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0471

reference_url	https://access.redhat.com/errata/RHSA-2023:0552
reference_id	RHSA-2023:0552
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0552

reference_url	https://access.redhat.com/errata/RHSA-2023:0553
reference_id	RHSA-2023:0553
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0553

reference_url	https://access.redhat.com/errata/RHSA-2023:0554
reference_id	RHSA-2023:0554
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0554

reference_url	https://access.redhat.com/errata/RHSA-2023:0556
reference_id	RHSA-2023:0556
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0556

reference_url	https://access.redhat.com/errata/RHSA-2023:0713
reference_id	RHSA-2023:0713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0713

reference_url	https://access.redhat.com/errata/RHSA-2023:1006
reference_id	RHSA-2023:1006
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1006

reference_url	https://access.redhat.com/errata/RHSA-2023:1064
reference_id	RHSA-2023:1064
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1064

reference_url	https://access.redhat.com/errata/RHSA-2023:2097
reference_id	RHSA-2023:2097
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2097

reference_url	https://access.redhat.com/errata/RHSA-2023:2100
reference_id	RHSA-2023:2100
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2100

reference_url	https://access.redhat.com/errata/RHSA-2023:3223
reference_id	RHSA-2023:3223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3223

reference_url	https://access.redhat.com/errata/RHSA-2023:3641
reference_id	RHSA-2023:3641
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3641

reference_url	https://access.redhat.com/errata/RHSA-2023:3663
reference_id	RHSA-2023:3663
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3663

reference_url	https://access.redhat.com/errata/RHSA-2025:1746
reference_id	RHSA-2025:1746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1746

reference_url	https://access.redhat.com/errata/RHSA-2025:1747
reference_id	RHSA-2025:1747
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1747

fixed_packages

url	pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.7.1
purl	pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.7.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.7.1

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.4

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9h46-72hw-bkcr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.4

aliases CVE-2022-42004, GHSA-rgv9-q543-rqg4

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v2pq-1qhm-4qb9

url VCID-v6ek-y7cn-kycd

vulnerability_id VCID-v6ek-y7cn-kycd

summary

Uncontrolled Resource Consumption
jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36518.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-36518

reference_id

reference_type

scores

value	0.00514
scoring_system	epss
scoring_elements	0.66577
published_at	2026-04-13T12:55:00Z

value	0.00514
scoring_system	epss
scoring_elements	0.66609
published_at	2026-04-12T12:55:00Z

value	0.00514
scoring_system	epss
scoring_elements	0.66621
published_at	2026-04-11T12:55:00Z

value	0.00514
scoring_system	epss
scoring_elements	0.66603
published_at	2026-04-09T12:55:00Z

value	0.00514
scoring_system	epss
scoring_elements	0.66589
published_at	2026-04-08T12:55:00Z

value	0.00514
scoring_system	epss
scoring_elements	0.66541
published_at	2026-04-07T12:55:00Z

value	0.00514
scoring_system	epss
scoring_elements	0.66569
published_at	2026-04-04T12:55:00Z

value	0.00514
scoring_system	epss
scoring_elements	0.66544
published_at	2026-04-02T12:55:00Z

value	0.00514
scoring_system	epss
scoring_elements	0.66505
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-36518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42003
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42003

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42004
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42004

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/0a8157c6ca478b1bc7be4ba7dccdb3863275f0de

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/0a8157c6ca478b1bc7be4ba7dccdb3863275f0de

reference_url

https://github.com/FasterXML/jackson-databind/commit/3cc52f82ecf943e06c1d7c3b078e405fb3923d2b

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/3cc52f82ecf943e06c1d7c3b078e405fb3923d2b

reference_url

https://github.com/FasterXML/jackson-databind/commit/8238ab41d0350fb915797c89d46777b4496b74fd

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/8238ab41d0350fb915797c89d46777b4496b74fd

reference_url

https://github.com/FasterXML/jackson-databind/commit/b3587924ee5d8695942f364d0d404d48d0ea6126

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/b3587924ee5d8695942f364d0d404d48d0ea6126

reference_url

https://github.com/FasterXML/jackson-databind/commit/fcfc4998ec23f0b1f7f8a9521c2b317b6c25892b

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/fcfc4998ec23f0b1f7f8a9521c2b317b6c25892b

reference_url

https://github.com/FasterXML/jackson-databind/issues/2816

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:34:26Z/

url

https://github.com/FasterXML/jackson-databind/issues/2816

reference_url

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12

reference_url

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13

reference_url

https://lists.debian.org/debian-lts-announce/2022/05/msg00001.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:34:26Z/

url

https://lists.debian.org/debian-lts-announce/2022/05/msg00001.html

reference_url

https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:34:26Z/

url

https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html

reference_url

https://security.netapp.com/advisory/ntap-20220506-0004

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20220506-0004

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:34:26Z/

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:34:26Z/

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:34:26Z/

url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1007109
reference_id	1007109
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1007109

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2064698
reference_id	2064698
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2064698

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-36518

reference_id

CVE-2020-36518

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-36518

reference_url

https://github.com/advisories/GHSA-57j2-w4cx-62h2

reference_id

GHSA-57j2-w4cx-62h2

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-57j2-w4cx-62h2

reference_url

https://security.netapp.com/advisory/ntap-20220506-0004/

reference_id

ntap-20220506-0004

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:34:26Z/

url

https://security.netapp.com/advisory/ntap-20220506-0004/

reference_url	https://access.redhat.com/errata/RHSA-2022:2232
reference_id	RHSA-2022:2232
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2232

reference_url	https://access.redhat.com/errata/RHSA-2022:4918
reference_id	RHSA-2022:4918
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4918

reference_url	https://access.redhat.com/errata/RHSA-2022:4919
reference_id	RHSA-2022:4919
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4919

reference_url	https://access.redhat.com/errata/RHSA-2022:4922
reference_id	RHSA-2022:4922
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4922

reference_url	https://access.redhat.com/errata/RHSA-2022:5029
reference_id	RHSA-2022:5029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5029

reference_url	https://access.redhat.com/errata/RHSA-2022:5101
reference_id	RHSA-2022:5101
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5101

reference_url	https://access.redhat.com/errata/RHSA-2022:5532
reference_id	RHSA-2022:5532
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5532

reference_url	https://access.redhat.com/errata/RHSA-2022:5596
reference_id	RHSA-2022:5596
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5596

reference_url	https://access.redhat.com/errata/RHSA-2022:6407
reference_id	RHSA-2022:6407
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6407

reference_url	https://access.redhat.com/errata/RHSA-2022:6782
reference_id	RHSA-2022:6782
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6782

reference_url	https://access.redhat.com/errata/RHSA-2022:6783
reference_id	RHSA-2022:6783
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6783

reference_url	https://access.redhat.com/errata/RHSA-2022:6787
reference_id	RHSA-2022:6787
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6787

reference_url	https://access.redhat.com/errata/RHSA-2022:6819
reference_id	RHSA-2022:6819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6819

reference_url	https://access.redhat.com/errata/RHSA-2022:7409
reference_id	RHSA-2022:7409
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7409

reference_url	https://access.redhat.com/errata/RHSA-2022:7410
reference_id	RHSA-2022:7410
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7410

reference_url	https://access.redhat.com/errata/RHSA-2022:7411
reference_id	RHSA-2022:7411
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7411

reference_url	https://access.redhat.com/errata/RHSA-2022:7417
reference_id	RHSA-2022:7417
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7417

reference_url	https://access.redhat.com/errata/RHSA-2022:7435
reference_id	RHSA-2022:7435
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7435

reference_url	https://access.redhat.com/errata/RHSA-2022:8781
reference_id	RHSA-2022:8781
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8781

reference_url	https://access.redhat.com/errata/RHSA-2022:8889
reference_id	RHSA-2022:8889
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8889

reference_url	https://access.redhat.com/errata/RHSA-2023:0264
reference_id	RHSA-2023:0264
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0264

reference_url	https://access.redhat.com/errata/RHSA-2023:2312
reference_id	RHSA-2023:2312
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2312

reference_url	https://access.redhat.com/errata/RHSA-2023:3223
reference_id	RHSA-2023:3223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3223

reference_url	https://access.redhat.com/errata/RHSA-2024:3061
reference_id	RHSA-2024:3061
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3061

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.6.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.6.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-v2pq-1qhm-4qb9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.6.1

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.2.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-v2pq-1qhm-4qb9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.2.1

aliases CVE-2020-36518, GHSA-57j2-w4cx-62h2

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v6ek-y7cn-kycd

url VCID-v84e-sf92-dqa1

vulnerability_id VCID-v84e-sf92-dqa1

summary A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.

references

reference_url

https://access.redhat.com/errata/RHSA-2017:1834

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:1834

reference_url

https://access.redhat.com/errata/RHSA-2017:1835

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:1835

reference_url

https://access.redhat.com/errata/RHSA-2017:1836

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:1836

reference_url

https://access.redhat.com/errata/RHSA-2017:1837

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:1837

reference_url

https://access.redhat.com/errata/RHSA-2017:1839

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:1839

reference_url

https://access.redhat.com/errata/RHSA-2017:1840

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:1840

reference_url

https://access.redhat.com/errata/RHSA-2017:2477

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:2477

reference_url

https://access.redhat.com/errata/RHSA-2017:2546

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:2546

reference_url

https://access.redhat.com/errata/RHSA-2017:2547

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:2547

reference_url

https://access.redhat.com/errata/RHSA-2017:2633

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:2633

reference_url

https://access.redhat.com/errata/RHSA-2017:2635

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:2635

reference_url

https://access.redhat.com/errata/RHSA-2017:2636

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:2636

reference_url

https://access.redhat.com/errata/RHSA-2017:2637

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:2637

reference_url

https://access.redhat.com/errata/RHSA-2017:2638

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:2638

reference_url

https://access.redhat.com/errata/RHSA-2017:3141

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:3141

reference_url

https://access.redhat.com/errata/RHSA-2017:3454

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:3454

reference_url

https://access.redhat.com/errata/RHSA-2017:3455

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:3455

reference_url

https://access.redhat.com/errata/RHSA-2017:3456

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:3456

reference_url

https://access.redhat.com/errata/RHSA-2017:3458

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:3458

reference_url

https://access.redhat.com/errata/RHSA-2018:0294

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:0294

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2019:0910

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2019:0910

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7525.json

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7525.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7525

reference_id

reference_type

scores

value	0.79267
scoring_system	epss
scoring_elements	0.99061
published_at	2026-04-02T12:55:00Z

value	0.79267
scoring_system	epss
scoring_elements	0.99071
published_at	2026-04-13T12:55:00Z

value	0.79267
scoring_system	epss
scoring_elements	0.9907
published_at	2026-04-09T12:55:00Z

value	0.79267
scoring_system	epss
scoring_elements	0.99069
published_at	2026-04-11T12:55:00Z

value	0.79267
scoring_system	epss
scoring_elements	0.99068
published_at	2026-04-07T12:55:00Z

value	0.79267
scoring_system	epss
scoring_elements	0.99066
published_at	2026-04-04T12:55:00Z

value	0.79549
scoring_system	epss
scoring_elements	0.99076
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7525

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1462702

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1462702

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7525
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7525

reference_url

https://cwiki.apache.org/confluence/display/WW/S2-055

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://cwiki.apache.org/confluence/display/WW/S2-055

reference_url

https://github.com/advisories/GHSA-qxxx-2pp7-5hmx

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-qxxx-2pp7-5hmx

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/3bfbb835e530055c1941ddf87fde0b08d08dcd38

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/3bfbb835e530055c1941ddf87fde0b08d08dcd38

reference_url

https://github.com/FasterXML/jackson-databind/commit/60d459cedcf079c6106ae7da2ac562bc32dcabe1

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/60d459cedcf079c6106ae7da2ac562bc32dcabe1

reference_url

https://github.com/FasterXML/jackson-databind/commit/680d75b011edd67a2d2a2e9980998a968194c2ef

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/680d75b011edd67a2d2a2e9980998a968194c2ef

reference_url

https://github.com/FasterXML/jackson-databind/commit/6ce32ffd18facac6abdbbf559c817b47fcb622c1

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/6ce32ffd18facac6abdbbf559c817b47fcb622c1

reference_url

https://github.com/FasterXML/jackson-databind/commit/90042692085deeb05ae75c569c9909f7dba24415

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/90042692085deeb05ae75c569c9909f7dba24415

reference_url	https://github.com/FasterXML/jackson-databind/commit/ddfddfba6414adbecaff99684ef66eebd3a92e92
reference_id
reference_type
scores
url	https://github.com/FasterXML/jackson-databind/commit/ddfddfba6414adbecaff99684ef66eebd3a92e92

reference_url	https://github.com/FasterXML/jackson-databind/commit/e8f043d1aac9b82eee907e0f0c3abbdea723a935
reference_id
reference_type
scores
url	https://github.com/FasterXML/jackson-databind/commit/e8f043d1aac9b82eee907e0f0c3abbdea723a935

reference_url

https://github.com/FasterXML/jackson-databind/commit/fa87c1ddbe803ebb7295f5c2ebfe38e12f6e6162

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/fa87c1ddbe803ebb7295f5c2ebfe38e12f6e6162

reference_url

https://github.com/FasterXML/jackson-databind/commit/fd8dec2c7fab8b4b4bd60502a0f1d63ec23c24da

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/fd8dec2c7fab8b4b4bd60502a0f1d63ec23c24da

reference_url

https://github.com/FasterXML/jackson-databind/issues/1599

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/1599

reference_url

https://github.com/FasterXML/jackson-databind/issues/1723

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/1723

reference_url	https://github.com/FasterXML/jackson-databind/issues/1737
reference_id
reference_type
scores
url	https://github.com/FasterXML/jackson-databind/issues/1737

reference_url

https://lists.apache.org/thread.html/3c87dc8bca99a2b3b4743713b33d1de05b1d6b761fdf316224e9c81f@%3Cdev.lucene.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/3c87dc8bca99a2b3b4743713b33d1de05b1d6b761fdf316224e9c81f@%3Cdev.lucene.apache.org%3E

reference_url

https://lists.apache.org/thread.html/4641ed8616ccc2c1fbddac2c3dc9900c96387bc226eaf0232d61909b@%3Ccommits.cassandra.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/4641ed8616ccc2c1fbddac2c3dc9900c96387bc226eaf0232d61909b@%3Ccommits.cassandra.apache.org%3E

reference_url

https://lists.apache.org/thread.html/5008bcbd45ee65ce39e4220b6ac53d28a24d6bc67d5804e9773a7399@%3Csolr-user.lucene.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/5008bcbd45ee65ce39e4220b6ac53d28a24d6bc67d5804e9773a7399@%3Csolr-user.lucene.apache.org%3E

reference_url

https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E

reference_url

https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b1f33fe5ade396bb903fdcabe9f243f7692c7dfce5418d3743c2d346@%3Cdev.lucene.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b1f33fe5ade396bb903fdcabe9f243f7692c7dfce5418d3743c2d346@%3Cdev.lucene.apache.org%3E

reference_url

https://lists.apache.org/thread.html/c10a2bf0fdc3d25faf17bd191d6ec46b29a353fa9c97bebd7c4e5913@%3Cdev.lucene.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/c10a2bf0fdc3d25faf17bd191d6ec46b29a353fa9c97bebd7c4e5913@%3Cdev.lucene.apache.org%3E

reference_url

https://lists.apache.org/thread.html/c2ed4c0126b43e324cf740012a0edd371fd36096fd777be7bfe7a2a6@%3Cdev.lucene.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/c2ed4c0126b43e324cf740012a0edd371fd36096fd777be7bfe7a2a6@%3Cdev.lucene.apache.org%3E

reference_url

https://lists.apache.org/thread.html/c9d5ff20929e8a3c8794facf4c4b326a9c10618812eec356caa20b87@%3Csolr-user.lucene.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/c9d5ff20929e8a3c8794facf4c4b326a9c10618812eec356caa20b87@%3Csolr-user.lucene.apache.org%3E

reference_url

https://lists.apache.org/thread.html/f095a791bda6c0595f691eddd0febb2d396987eec5cbd29120d8c629@%3Csolr-user.lucene.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/f095a791bda6c0595f691eddd0febb2d396987eec5cbd29120d8c629@%3Csolr-user.lucene.apache.org%3E

reference_url

https://lists.apache.org/thread.html/f60afd3c7e9ebaaf70fad4a4beb75cf8740ac959017a31e7006c7486@%3Cdev.lucene.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/f60afd3c7e9ebaaf70fad4a4beb75cf8740ac959017a31e7006c7486@%3Cdev.lucene.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r42ac3e39e6265db12d9fc6ae1cd4b5fea7aed9830dc6f6d58228fed7@%3Ccommits.cassandra.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r42ac3e39e6265db12d9fc6ae1cd4b5fea7aed9830dc6f6d58228fed7@%3Ccommits.cassandra.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r68acf97f4526ba59a33cc6e592261ea4f85d890f99e79c82d57dd589@%3Cissues.spark.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r68acf97f4526ba59a33cc6e592261ea4f85d890f99e79c82d57dd589@%3Cissues.spark.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf7f87810c38dc9abf9f93989f76008f504cbf7c1a355214640b2d04c@%3Ccommits.cassandra.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf7f87810c38dc9abf9f93989f76008f504cbf7c1a355214640b2d04c@%3Ccommits.cassandra.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2020/01/msg00037.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/01/msg00037.html

reference_url

https://lists.debian.org/debian-lts-announce/2020/08/msg00039.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/08/msg00039.html

reference_url

https://security.netapp.com/advisory/ntap-20171214-0002

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20171214-0002

reference_url

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us

reference_url

https://www.debian.org/security/2017/dsa-4004

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2017/dsa-4004

reference_url	https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true
reference_id
reference_type
scores
url	https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url

http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

reference_url

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

reference_url

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

reference_url	http://www.securityfocus.com/bid/99623
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/99623

reference_url	http://www.securitytracker.com/id/1039744
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039744

reference_url	http://www.securitytracker.com/id/1039947
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039947

reference_url	http://www.securitytracker.com/id/1040360
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040360

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870848
reference_id	870848
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870848

reference_url

reference_id

CVE-2017-7525

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36186.json

reference_url	https://usn.ubuntu.com/4741-1/
reference_id	USN-4741-1
reference_type
scores
url	https://usn.ubuntu.com/4741-1/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5r6v-ej7d-ubgv

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-6zee-aqcc-vfbp

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-ceub-d4s9-dkcd

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-unwq-s63h-uuaw

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x6g1-qw1v-jbas

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-zdwv-ycey-myfc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.1

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.9

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5r6v-ej7d-ubgv

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-6zee-aqcc-vfbp

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-ceub-d4s9-dkcd

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-unwq-s63h-uuaw

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x6g1-qw1v-jbas

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-zdwv-ycey-myfc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.9

aliases CVE-2017-7525, GHSA-qxxx-2pp7-5hmx

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v84e-sf92-dqa1

url VCID-wds4-urpb-euby

vulnerability_id VCID-wds4-urpb-euby

summary

Unsafe Deserialization in jackson-databind
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to `org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource`.

references

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36186.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-36186

reference_id

reference_type

scores

value	0.02413
scoring_system	epss
scoring_elements	0.85105
published_at	2026-04-13T12:55:00Z

value	0.02413
scoring_system	epss
scoring_elements	0.85108
published_at	2026-04-12T12:55:00Z

value	0.02413
scoring_system	epss
scoring_elements	0.8511
published_at	2026-04-11T12:55:00Z

value	0.02413
scoring_system	epss
scoring_elements	0.85094
published_at	2026-04-09T12:55:00Z

value	0.02413
scoring_system	epss
scoring_elements	0.85087
published_at	2026-04-08T12:55:00Z

value	0.02413
scoring_system	epss
scoring_elements	0.85065
published_at	2026-04-07T12:55:00Z

value	0.02413
scoring_system	epss
scoring_elements	0.85061
published_at	2026-04-04T12:55:00Z

value	0.02413
scoring_system	epss
scoring_elements	0.85031
published_at	2026-04-01T12:55:00Z

value	0.02413
scoring_system	epss
scoring_elements	0.85044
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-36186

reference_url

https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36186
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36186

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/3e8fa3beea49ea62109df9e643c9cb678dabdde1

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/3e8fa3beea49ea62109df9e643c9cb678dabdde1

reference_url

https://github.com/FasterXML/jackson-databind/issues/2997

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2997

reference_url

https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html

reference_url

https://security.netapp.com/advisory/ntap-20210205-0005

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210205-0005

reference_url	https://security.netapp.com/advisory/ntap-20210205-0005/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20210205-0005/

reference_url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1913931
reference_id	1913931
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1913931

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-36186

reference_id

CVE-2020-36186

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-36186

reference_url

https://github.com/advisories/GHSA-v585-23hc-c647

reference_id

GHSA-v585-23hc-c647

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-v585-23hc-c647

reference_url	https://access.redhat.com/errata/RHSA-2021:1230
reference_id	RHSA-2021:1230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1230

reference_url	https://access.redhat.com/errata/RHSA-2021:1515
reference_id	RHSA-2021:1515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1515

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8

aliases CVE-2020-36186, GHSA-v585-23hc-c647

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wds4-urpb-euby

url VCID-x6g1-qw1v-jbas

vulnerability_id VCID-x6g1-qw1v-jbas

summary FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.

references

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:1786

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:1786

reference_url

https://access.redhat.com/errata/RHSA-2018:2088

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:2088

reference_url

https://access.redhat.com/errata/RHSA-2018:2089

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:2089

reference_url

https://access.redhat.com/errata/RHSA-2018:2090

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:2090

reference_url

https://access.redhat.com/errata/RHSA-2018:2938

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:2938

reference_url

https://access.redhat.com/errata/RHSA-2018:2939

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:2939

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7489.json

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7489.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-7489

reference_id

reference_type

scores

value	0.36207
scoring_system	epss
scoring_elements	0.97086
published_at	2026-04-07T12:55:00Z

value	0.36207
scoring_system	epss
scoring_elements	0.97101
published_at	2026-04-13T12:55:00Z

value	0.36207
scoring_system	epss
scoring_elements	0.971
published_at	2026-04-11T12:55:00Z

value	0.36207
scoring_system	epss
scoring_elements	0.97096
published_at	2026-04-09T12:55:00Z

value	0.36207
scoring_system	epss
scoring_elements	0.97085
published_at	2026-04-04T12:55:00Z

value	0.36207
scoring_system	epss
scoring_elements	0.97081
published_at	2026-04-02T12:55:00Z

value	0.36207
scoring_system	epss
scoring_elements	0.97074
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-7489

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7489
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7489

reference_url

https://github.com/advisories/GHSA-cggj-fvv3-cqwv

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-cggj-fvv3-cqwv

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/6799f8f10cc78e9af6d443ed6982d00a13f2e7d2

reference_url	https://github.com/FasterXML/jackson-databind/commit/60d459cedcf079c6106ae7da2ac562bc32dcabe1
reference_id
reference_type
scores
url	https://github.com/FasterXML/jackson-databind/commit/60d459cedcf079c6106ae7da2ac562bc32dcabe1

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/6799f8f10cc78e9af6d443ed6982d00a13f2e7d2

reference_url

https://github.com/FasterXML/jackson-databind/commit/bc22f90eb7f896ace9567598a99cb1ff6e0f9d9d

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/bc22f90eb7f896ace9567598a99cb1ff6e0f9d9d

reference_url

https://github.com/FasterXML/jackson-databind/commit/c921f0935d5e41bf206e702d8077a275ba1a6efc

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/c921f0935d5e41bf206e702d8077a275ba1a6efc

reference_url

https://github.com/FasterXML/jackson-databind/commit/ca2bfc86af82a1479112004b663ba74c760752e6

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/ca2bfc86af82a1479112004b663ba74c760752e6

reference_url	https://github.com/FasterXML/jackson-databind/commit/ddfddfba6414adbecaff99684ef66eebd3a92e92
reference_id
reference_type
scores
url	https://github.com/FasterXML/jackson-databind/commit/ddfddfba6414adbecaff99684ef66eebd3a92e92

reference_url

https://github.com/FasterXML/jackson-databind/commit/e66c0a9d3c926ff1b63bf586c824ead1d02f2a3d

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/e66c0a9d3c926ff1b63bf586c824ead1d02f2a3d

reference_url	https://github.com/FasterXML/jackson-databind/commit/e8f043d1aac9b82eee907e0f0c3abbdea723a935
reference_id
reference_type
scores
url	https://github.com/FasterXML/jackson-databind/commit/e8f043d1aac9b82eee907e0f0c3abbdea723a935

reference_url

https://github.com/FasterXML/jackson-databind/issues/1931

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/1931

reference_url

https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E

reference_url

https://security.netapp.com/advisory/ntap-20180328-0001

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20180328-0001

reference_url	https://security.netapp.com/advisory/ntap-20180328-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20180328-0001/

reference_url

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us

reference_url

https://www.debian.org/security/2018/dsa-4190

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2018/dsa-4190

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url

http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

reference_url

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

reference_url

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

reference_url	http://www.securityfocus.com/bid/103203
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/103203

reference_url	http://www.securitytracker.com/id/1040693
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040693

reference_url	http://www.securitytracker.com/id/1041890
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1041890

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1549276
reference_id	1549276
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1549276

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891614
reference_id	891614
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891614

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-7489

reference_id

CVE-2018-7489

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-7489

reference_url	https://access.redhat.com/errata/RHSA-2020:2562
reference_id	RHSA-2020:2562
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2562

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.3

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2ev8-r6cx-a3an

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5r6v-ej7d-ubgv

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-6zee-aqcc-vfbp

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-unwq-s63h-uuaw

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-zdwv-ycey-myfc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.3

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.1

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2ev8-r6cx-a3an

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5r6v-ej7d-ubgv

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-6zee-aqcc-vfbp

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-zdwv-ycey-myfc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.1

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-2x39-rsxh-rkgw

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5r6v-ej7d-ubgv

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-6zee-aqcc-vfbp

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-g8gt-d7gz-13e6

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-m7jp-7n22-4qg8

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-zdwv-ycey-myfc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.5

aliases CVE-2018-7489, GHSA-cggj-fvv3-cqwv

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x6g1-qw1v-jbas

url VCID-x8c2-2u1w-yyfn

vulnerability_id VCID-x8c2-2u1w-yyfn

summary

Polymorphic deserialization of malicious object in jackson-databind
A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5, and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14892.json

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14892.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14892

reference_id

reference_type

scores

value	0.00873
scoring_system	epss
scoring_elements	0.75274
published_at	2026-04-11T12:55:00Z

value	0.00873
scoring_system	epss
scoring_elements	0.75253
published_at	2026-04-09T12:55:00Z

value	0.00873
scoring_system	epss
scoring_elements	0.75242
published_at	2026-04-08T12:55:00Z

value	0.00873
scoring_system	epss
scoring_elements	0.752
published_at	2026-04-07T12:55:00Z

value	0.00873
scoring_system	epss
scoring_elements	0.75223
published_at	2026-04-04T12:55:00Z

value	0.00873
scoring_system	epss
scoring_elements	0.75188
published_at	2026-04-01T12:55:00Z

value	0.00873
scoring_system	epss
scoring_elements	0.75191
published_at	2026-04-02T12:55:00Z

value	0.00873
scoring_system	epss
scoring_elements	0.75241
published_at	2026-04-13T12:55:00Z

value	0.00873
scoring_system	epss
scoring_elements	0.75252
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14892

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14892

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14892

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14892
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14892

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/41b7f9b90149e9d44a65a8261a8deedc7186f6af

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/41b7f9b90149e9d44a65a8261a8deedc7186f6af

reference_url

https://github.com/FasterXML/jackson-databind/commit/819cdbcab51c6da9fb896380f2d46e9b7d4fdc3b

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/819cdbcab51c6da9fb896380f2d46e9b7d4fdc3b

reference_url

https://github.com/FasterXML/jackson-databind/issues/2462

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2462

reference_url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-14892

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-14892

reference_url

https://security.netapp.com/advisory/ntap-20200904-0005

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200904-0005

reference_url	https://security.netapp.com/advisory/ntap-20200904-0005/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200904-0005/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1758171
reference_id	1758171
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1758171

reference_url

https://github.com/advisories/GHSA-cf6r-3wgc-h863

reference_id

GHSA-cf6r-3wgc-h863

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-cf6r-3wgc-h863

reference_url	https://access.redhat.com/errata/RHSA-2020:0895
reference_id	RHSA-2020:0895
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0895

reference_url	https://access.redhat.com/errata/RHSA-2020:0899
reference_id	RHSA-2020:0899
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0899

reference_url	https://access.redhat.com/errata/RHSA-2020:2067
reference_id	RHSA-2020:2067
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2067

reference_url	https://access.redhat.com/errata/RHSA-2020:2333
reference_id	RHSA-2020:2333
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2333

reference_url	https://access.redhat.com/errata/RHSA-2020:3192
reference_id	RHSA-2020:3192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3192

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-xnyb-nuwm-pkdr

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10

aliases CVE-2019-14892, GHSA-cf6r-3wgc-h863

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x8c2-2u1w-yyfn

url VCID-xnyb-nuwm-pkdr

vulnerability_id VCID-xnyb-nuwm-pkdr

summary

Deserialization of Untrusted Data in jackson-databind
FasterXML jackson-databind 2.x before 2.6.7.4, 2.7.x before 2.7.9.7, 2.8.x before 2.8.11.5 and 2.9.x before 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8840.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8840.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8840

reference_id

reference_type

scores

value	0.08164
scoring_system	epss
scoring_elements	0.92187
published_at	2026-04-13T12:55:00Z

value	0.08164
scoring_system	epss
scoring_elements	0.92191
published_at	2026-04-12T12:55:00Z

value	0.08164
scoring_system	epss
scoring_elements	0.9219
published_at	2026-04-11T12:55:00Z

value	0.08164
scoring_system	epss
scoring_elements	0.92154
published_at	2026-04-01T12:55:00Z

value	0.08164
scoring_system	epss
scoring_elements	0.92185
published_at	2026-04-09T12:55:00Z

value	0.08164
scoring_system	epss
scoring_elements	0.92182
published_at	2026-04-08T12:55:00Z

value	0.08164
scoring_system	epss
scoring_elements	0.92171
published_at	2026-04-07T12:55:00Z

value	0.08164
scoring_system	epss
scoring_elements	0.92167
published_at	2026-04-04T12:55:00Z

value	0.08164
scoring_system	epss
scoring_elements	0.92161
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8840

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8840
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8840

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/74aba4042fce35ee0b91bd2847e788c10040d78b

reference_url

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/74aba4042fce35ee0b91bd2847e788c10040d78b

reference_url

https://github.com/FasterXML/jackson-databind/commit/914e7c9f2cb8ce66724bf26a72adc7e958992497

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/914e7c9f2cb8ce66724bf26a72adc7e958992497

reference_url

https://github.com/FasterXML/jackson-databind/commit/9bb52c7122271df75435ec7e66ecf6b02b1ee14f

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/9bb52c7122271df75435ec7e66ecf6b02b1ee14f

reference_url

https://github.com/FasterXML/jackson-databind/issues/2620

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2620

reference_url

https://lists.apache.org/thread.html/r078e68a926ea6be12e8404e47f45aabf04bb4668e8265c0de41db6db@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r078e68a926ea6be12e8404e47f45aabf04bb4668e8265c0de41db6db@%3Ccommits.druid.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r1c09b9551f6953dbeca190a4c4b78198cdbb9825fce36f96fe3d8218@%3Cdev.tomee.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1c09b9551f6953dbeca190a4c4b78198cdbb9825fce36f96fe3d8218@%3Cdev.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r1efc776fc6ce3387593deaa94bbdd296733b1b01408a39c8d1ab9e0e@%3Cdev.ranger.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1efc776fc6ce3387593deaa94bbdd296733b1b01408a39c8d1ab9e0e@%3Cdev.ranger.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r2fa8046bd47fb407ca09b5107a80fa6147ba4ebe879caae5c98b7657@%3Cdev.ranger.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r2fa8046bd47fb407ca09b5107a80fa6147ba4ebe879caae5c98b7657@%3Cdev.ranger.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r319f19c74e06c201b9d4e8b282a4e4b2da6dcda022fb46f007dd00d3@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r319f19c74e06c201b9d4e8b282a4e4b2da6dcda022fb46f007dd00d3@%3Ccommits.druid.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3539bd3a377991217d724879d239e16e86001c54160076408574e1da@%3Cnotifications.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3539bd3a377991217d724879d239e16e86001c54160076408574e1da@%3Cnotifications.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3d20a2660b36551fd8257d479941782af4a7169582449fac1704bde2@%3Ccommits.druid.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3d20a2660b36551fd8257d479941782af4a7169582449fac1704bde2@%3Ccommits.druid.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r428d068b2a4923f1a5a4f5fc6381b95205cfe7620169d16db78e9c71@%3Cnotifications.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r428d068b2a4923f1a5a4f5fc6381b95205cfe7620169d16db78e9c71@%3Cnotifications.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r446646c5588b10f5e02409ad580b12f314869009cdfbf844ca395cec@%3Cdev.ranger.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r446646c5588b10f5e02409ad580b12f314869009cdfbf844ca395cec@%3Cdev.ranger.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r46bebdeb59b8b7212d63a010ca445a9f5c4e9d64dcf693cab6f399d3@%3Ccommits.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r46bebdeb59b8b7212d63a010ca445a9f5c4e9d64dcf693cab6f399d3@%3Ccommits.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r5d8bea8e9d17b6efcf4a0e4e194e91ef46a99f505777a31a60da2b38@%3Cdev.ranger.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r5d8bea8e9d17b6efcf4a0e4e194e91ef46a99f505777a31a60da2b38@%3Cdev.ranger.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r65ee95fa09c831843bac81eaa582fdddc2b6119912a72d1c83a9b882@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r65ee95fa09c831843bac81eaa582fdddc2b6119912a72d1c83a9b882@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r6fdd4c61a09a0c89f581b4ddb3dc6f154ab0c705fcfd0a7358b2e4e5@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r6fdd4c61a09a0c89f581b4ddb3dc6f154ab0c705fcfd0a7358b2e4e5@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r7762d69e85c58d6948823424017ef4c08f47de077644277fa18cc116@%3Cdev.ranger.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r7762d69e85c58d6948823424017ef4c08f47de077644277fa18cc116@%3Cdev.ranger.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r7e5c10534ed06bf805473ac85e8412fe3908a8fa4cabf5027bf11220@%3Cdev.kafka.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r7e5c10534ed06bf805473ac85e8412fe3908a8fa4cabf5027bf11220@%3Cdev.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r8170007fd9b263d65b37d92a7b5d7bc357aedbb113a32838bc4a9485@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r8170007fd9b263d65b37d92a7b5d7bc357aedbb113a32838bc4a9485@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r8e96c340004b7898cad3204ea51280ef6e4b553a684e1452bf1b18b1@%3Cjira.kafka.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r8e96c340004b7898cad3204ea51280ef6e4b553a684e1452bf1b18b1@%3Cjira.kafka.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r94930e39b60fff236160c1c4110fe884dc093044b067aa5fc98d7ee1@%3Cdev.ranger.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r94930e39b60fff236160c1c4110fe884dc093044b067aa5fc98d7ee1@%3Cdev.ranger.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9e59ebaf76fd00b2fa3ff5ebf18fe075ca9f4376216612c696f76718@%3Cdev.ranger.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9e59ebaf76fd00b2fa3ff5ebf18fe075ca9f4376216612c696f76718@%3Cdev.ranger.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r9ecf211c22760b00967ebe158c6ed7dba9142078e2a630ab8904a5b7@%3Cdev.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r9ecf211c22760b00967ebe158c6ed7dba9142078e2a630ab8904a5b7@%3Cdev.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ra275f29615f35d5b40106d1582a41e5388b2a5131564e9e01a572987@%3Cdev.ranger.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ra275f29615f35d5b40106d1582a41e5388b2a5131564e9e01a572987@%3Cdev.ranger.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rac5ee5d686818be7e7c430d35108ee01a88aae54f832d32f62431fd1@%3Cnotifications.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rac5ee5d686818be7e7c430d35108ee01a88aae54f832d32f62431fd1@%3Cnotifications.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb43f9a65150948a6bebd3cb77ee3e105d40db2820fd547528f4e7f89@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb43f9a65150948a6bebd3cb77ee3e105d40db2820fd547528f4e7f89@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb5eedf90ba3633e171a2ffdfe484651c9490dc5df74c8a29244cbc0e@%3Ccommits.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb5eedf90ba3633e171a2ffdfe484651c9490dc5df74c8a29244cbc0e@%3Ccommits.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb73708bf714ed6dbc1212da082e7703e586077f0c92f3940b2e82caf@%3Cdev.ranger.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb73708bf714ed6dbc1212da082e7703e586077f0c92f3940b2e82caf@%3Cdev.ranger.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb99c7321eba5d4c907beec46675d52827528b738cfafd48eb4d862f1@%3Cdev.tomee.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb99c7321eba5d4c907beec46675d52827528b738cfafd48eb4d862f1@%3Cdev.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rc068e824654c4b8bd4f2490bec869e29edbfcd5dfe02d47cbf7433b2@%3Cdev.tomee.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rc068e824654c4b8bd4f2490bec869e29edbfcd5dfe02d47cbf7433b2@%3Cdev.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rc717fd6c65190f4e592345713f9ef0723fb7d71f624caa2a17caa26a@%3Cdev.ranger.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rc717fd6c65190f4e592345713f9ef0723fb7d71f624caa2a17caa26a@%3Cdev.ranger.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rcc72b497e3dff2dc62ec9b89ceb90bc4e1b14fc56c3c252a6fcbb013@%3Cdev.ranger.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rcc72b497e3dff2dc62ec9b89ceb90bc4e1b14fc56c3c252a6fcbb013@%3Cdev.ranger.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rdea588d4a0ebf9cb7ce8c3a8f18d0d306507c4f8ba178dd3d20207b8@%3Cdev.tomee.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rdea588d4a0ebf9cb7ce8c3a8f18d0d306507c4f8ba178dd3d20207b8@%3Cdev.tomee.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rdf311f13e6356297e0ffe74397fdd25a3687b0a16e687c3ff5b834d8@%3Cdev.ranger.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rdf311f13e6356297e0ffe74397fdd25a3687b0a16e687c3ff5b834d8@%3Cdev.ranger.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rdf8d389271a291dde3b2f99c36918d6cb1e796958af626cc140fee23@%3Ccommits.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rdf8d389271a291dde3b2f99c36918d6cb1e796958af626cc140fee23@%3Ccommits.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/re7326b8655eab931f2a9ce074fd9a1a51b5db11456bee9b48e1e170c@%3Cissues.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/re7326b8655eab931f2a9ce074fd9a1a51b5db11456bee9b48e1e170c@%3Cissues.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/re8ae2670ec456ef1c5a2a661a2838ab2cd00e9efa1e88c069f546f21@%3Ccommits.zookeeper.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/re8ae2670ec456ef1c5a2a661a2838ab2cd00e9efa1e88c069f546f21@%3Ccommits.zookeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf28ab6f224b48452afd567dfffb705fbda0fdbbf6535f6bc69d47e91@%3Cdev.ranger.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf28ab6f224b48452afd567dfffb705fbda0fdbbf6535f6bc69d47e91@%3Cdev.ranger.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rfc1ccfe89332155b72ce17f13a2701d3e7b9ec213324ceb90e79a28a@%3Cdev.ranger.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rfc1ccfe89332155b72ce17f13a2701d3e7b9ec213324ceb90e79a28a@%3Cdev.ranger.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2020/02/msg00020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2020/02/msg00020.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-8840

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-8840

reference_url

https://security.netapp.com/advisory/ntap-20200327-0002

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200327-0002

reference_url	https://security.netapp.com/advisory/ntap-20200327-0002/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200327-0002/

reference_url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-01-fastjason-en

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-01-fastjason-en

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1816330
reference_id	1816330
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1816330

reference_url

https://github.com/advisories/GHSA-4w82-r329-3q67

reference_id

GHSA-4w82-r329-3q67

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-4w82-r329-3q67

reference_url	https://access.redhat.com/errata/RHSA-2020:1644
reference_id	RHSA-2020:1644
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1644

reference_url	https://access.redhat.com/errata/RHSA-2020:2067
reference_id	RHSA-2020:2067
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2067

reference_url	https://access.redhat.com/errata/RHSA-2020:2511
reference_id	RHSA-2020:2511
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2511

reference_url	https://access.redhat.com/errata/RHSA-2020:2512
reference_id	RHSA-2020:2512
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2512

reference_url	https://access.redhat.com/errata/RHSA-2020:2513
reference_id	RHSA-2020:2513
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2513

reference_url	https://access.redhat.com/errata/RHSA-2020:2515
reference_id	RHSA-2020:2515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2515

reference_url	https://access.redhat.com/errata/RHSA-2020:2813
reference_id	RHSA-2020:2813
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2813

reference_url	https://access.redhat.com/errata/RHSA-2020:3192
reference_id	RHSA-2020:3192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3192

reference_url	https://access.redhat.com/errata/RHSA-2020:3196
reference_id	RHSA-2020:3196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3196

reference_url	https://access.redhat.com/errata/RHSA-2020:3197
reference_id	RHSA-2020:3197
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3197

reference_url	https://access.redhat.com/errata/RHSA-2020:3779
reference_id	RHSA-2020:3779
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3779

reference_url	https://access.redhat.com/errata/RHSA-2020:4366
reference_id	RHSA-2020:4366
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4366

reference_url	https://access.redhat.com/errata/RHSA-2025:1746
reference_id	RHSA-2025:1746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1746

reference_url	https://usn.ubuntu.com/USN-4813-1/
reference_id	USN-USN-4813-1
reference_type
scores
url	https://usn.ubuntu.com/USN-4813-1/

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.7

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-96pq-m4f3-zbad

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tm7y-tnx3-43dq

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x8c2-2u1w-yyfn

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.7

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16af-yv1z-xufy

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-75mz-c1ds-vqed

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-8jw8-6tev-aqgm

vulnerability	VCID-8tmq-zbmb-m7h4

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-avut-gmwd-jqfp

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-bypv-wfhs-sbe4

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-fafy-ugq3-cfbn

vulnerability	VCID-g6up-yqg8-nbep

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-jx9y-fyfm-bqdr

vulnerability	VCID-svkb-adja-qfef

vulnerability	VCID-sw29-epz3-g7ep

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-ypbt-p34k-hfbc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.3

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2qzn-mkhg-1qh3

vulnerability	VCID-3qjf-azsa-fbek

vulnerability	VCID-3wa1-khqf-x7fv

vulnerability	VCID-5qfd-jjh1-d3fx

vulnerability	VCID-5te6-415m-c7df

vulnerability	VCID-8h7y-y4pv-cyd3

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-9qdt-7p83-4yd8

vulnerability	VCID-a5sk-5grx-eyaf

vulnerability	VCID-bydt-bkf4-rbh2

vulnerability	VCID-cytp-mr4h-g3ds

vulnerability	VCID-hwnx-vf4v-f3db

vulnerability	VCID-jcgb-bewy-4kff

vulnerability	VCID-pnt3-1ssq-tqau

vulnerability	VCID-swqd-uk56-wkat

vulnerability	VCID-tkej-jh51-s7g5

vulnerability	VCID-twvp-wxff-zka2

vulnerability	VCID-u87p-2xgz-e3fj

vulnerability	VCID-ukwd-7rkh-sfhj

vulnerability	VCID-uygc-h93v-vuh8

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

vulnerability	VCID-w51e-ntqd-8bbg

vulnerability	VCID-wdgx-34uc-2qa4

vulnerability	VCID-wds4-urpb-euby

vulnerability	VCID-x4fr-ena4-47fe

vulnerability	VCID-ypbt-p34k-hfbc

vulnerability	VCID-ze79-6kcg-nfcp

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.3

aliases CVE-2020-8840, GHSA-4w82-r329-3q67

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xnyb-nuwm-pkdr

url VCID-ypbt-p34k-hfbc

vulnerability_id VCID-ypbt-p34k-hfbc

summary

Serialization gadgets exploit in jackson-databind
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35490.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35490.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-35490

reference_id

reference_type

scores

value	0.03916
scoring_system	epss
scoring_elements	0.88303
published_at	2026-04-13T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.88311
published_at	2026-04-11T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.88301
published_at	2026-04-09T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.88295
published_at	2026-04-08T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.88275
published_at	2026-04-07T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.8827
published_at	2026-04-04T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.88247
published_at	2026-04-01T12:55:00Z

value	0.03916
scoring_system	epss
scoring_elements	0.88254
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-35490

reference_url

https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35490
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35490

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/41b8bdb5ccc1d8edb71acf1c8234da235a24249d

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/41b8bdb5ccc1d8edb71acf1c8234da235a24249d

reference_url

https://github.com/FasterXML/jackson-databind/issues/2986

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2986

reference_url

https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2021/04/msg00025.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-35490

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-35490

reference_url

https://security.netapp.com/advisory/ntap-20210122-0005

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210122-0005

reference_url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2022.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1909266
reference_id	1909266
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1909266

reference_url

https://github.com/advisories/GHSA-wh8g-3j2c-rqj5

reference_id

GHSA-wh8g-3j2c-rqj5

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-wh8g-3j2c-rqj5

reference_url	https://access.redhat.com/errata/RHSA-2021:1230
reference_id	RHSA-2021:1230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1230

reference_url	https://access.redhat.com/errata/RHSA-2021:1515
reference_id	RHSA-2021:1515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1515

fixed_packages

url pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8

purl pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-9h46-72hw-bkcr

vulnerability	VCID-v2pq-1qhm-4qb9

vulnerability	VCID-v6ek-y7cn-kycd

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.8

aliases CVE-2020-35490, GHSA-wh8g-3j2c-rqj5

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ypbt-p34k-hfbc

url VCID-zdwv-ycey-myfc

vulnerability_id VCID-zdwv-ycey-myfc

summary An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload.

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12023.json

reference_url

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12023.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-12023

reference_id

reference_type

scores

value	0.04812
scoring_system	epss
scoring_elements	0.895
published_at	2026-04-13T12:55:00Z

value	0.04812
scoring_system	epss
scoring_elements	0.89461
published_at	2026-04-01T12:55:00Z

value	0.04812
scoring_system	epss
scoring_elements	0.89465
published_at	2026-04-02T12:55:00Z

value	0.04812
scoring_system	epss
scoring_elements	0.89477
published_at	2026-04-04T12:55:00Z

value	0.04812
scoring_system	epss
scoring_elements	0.89478
published_at	2026-04-07T12:55:00Z

value	0.04812
scoring_system	epss
scoring_elements	0.89494
published_at	2026-04-08T12:55:00Z

value	0.04812
scoring_system	epss
scoring_elements	0.89498
published_at	2026-04-09T12:55:00Z

value	0.04812
scoring_system	epss
scoring_elements	0.89507
published_at	2026-04-11T12:55:00Z

value	0.04812
scoring_system	epss
scoring_elements	0.89505
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-12023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a

reference_url	https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226
reference_id
reference_type
scores
url	https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a

reference_url

https://github.com/FasterXML/jackson-databind/commit/7487cf7eb14be2f65a1eb108e8629c07ef45e0a

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/7487cf7eb14be2f65a1eb108e8629c07ef45e0a

reference_url

https://github.com/FasterXML/jackson-databind/commit/bf261d404c2f79fd3406237710d40ebb03c99d84

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/commit/bf261d404c2f79fd3406237710d40ebb03c99d84

reference_url

https://github.com/FasterXML/jackson-databind/issues/2058

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/FasterXML/jackson-databind/issues/2058

reference_url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E

reference_url	https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d%40%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d%40%3Cissues.lucene.apache.org%3E

reference_url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E

reference_url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-12023

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-12023

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190530-0003

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190530-0003

reference_url	https://security.netapp.com/advisory/ntap-20190530-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190530-0003/

reference_url

https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE.pdf

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE.pdf

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url