Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/420366?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/420366?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.0.0-RC3", "type": "maven", "namespace": "com.fasterxml.jackson.core", "name": "jackson-databind", "version": "2.0.0-RC3", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.12.7.1", "latest_non_vulnerable_version": "2.16.0", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30432?format=api", "vulnerability_id": "VCID-176g-xhm6-37cm", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0782", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:0782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0877", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:0877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1106", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1106" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1107", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1107" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1108", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1108" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1140", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1822", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1823", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2804", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3002", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3140", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4037", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4037" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12022.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12022.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12022", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03035", "scoring_system": "epss", "scoring_elements": "0.87012", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.03035", "scoring_system": "epss", "scoring_elements": "0.8696", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.03035", "scoring_system": "epss", "scoring_elements": "0.87006", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.03035", "scoring_system": "epss", "scoring_elements": "0.87016", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12022" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671098", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671098" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086" }, { "reference_url": "https://github.com/FasterXML/jackson-databind", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/28badf7ef60ac3e7ef151cd8e8ec010b8479226a" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/7487cf7eb14be2f65a1eb108e8629c07ef45e0a", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/7487cf7eb14be2f65a1eb108e8629c07ef45e0a" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/bf261d404c2f79fd3406237710d40ebb03c99d84", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/bf261d404c2f79fd3406237710d40ebb03c99d84" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/issues/2052", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/issues/2052" }, { "reference_url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC" }, { "reference_url": "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062" }, { "reference_url": "https://seclists.org/bugtraq/2019/May/68", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://seclists.org/bugtraq/2019/May/68" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190530-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190530-0003" }, { "reference_url": "https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE.pdf" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4452", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2019/dsa-4452" }, { "reference_url": "http://www.securityfocus.com/bid/107585", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/107585" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097", "reference_id": "1671097", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022", "reference_id": "CVE-2018-12022", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022" }, { "reference_url": "https://github.com/advisories/GHSA-cjjf-94ff-43w7", "reference_id": "GHSA-cjjf-94ff-43w7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cjjf-94ff-43w7" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1782", "reference_id": "RHSA-2019:1782", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1797", "reference_id": "RHSA-2019:1797", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2858", "reference_id": "RHSA-2019:2858", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3149", "reference_id": "RHSA-2019:3149", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3149" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3892", "reference_id": "RHSA-2019:3892", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3892" }, { "reference_url": "https://usn.ubuntu.com/USN-4813-1/", "reference_id": "USN-USN-4813-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4813-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/14700?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-9xet-5e66-1yeb" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-cdde-bu2g-33hc" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-dcvw-72d9-kuda" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-kens-84bv-f3g9" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-punf-m42j-27g8" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/14702?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-9xet-5e66-1yeb" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-cdde-bu2g-33hc" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-dcvw-72d9-kuda" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-punf-m42j-27g8" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/15097?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-7zr2-u3f1-jqd1" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9wy4-n4u7-pycp" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-9xet-5e66-1yeb" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-cdde-bu2g-33hc" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-dcvw-72d9-kuda" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-gkxx-gcqv-1kfa" }, { "vulnerability": "VCID-gu8e-dgse-2be4" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j5vg-pbkx-3ya4" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-jftj-9w4n-w3dn" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-nasd-q68s-nqcu" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-pbp8-csc6-57bs" }, { "vulnerability": "VCID-punf-m42j-27g8" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-s846-v89n-pfb4" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-v2ad-amun-wqaq" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-yk4b-82wg-auf5" }, { "vulnerability": "VCID-ykb2-yqj3-vfgw" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-yn5b-b6qq-xffs" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" }, { "vulnerability": "VCID-yv39-gzve-yke1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.6" } ], "aliases": [ "CVE-2018-12022", "GHSA-cjjf-94ff-43w7" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-176g-xhm6-37cm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7480?format=api", "vulnerability_id": "VCID-1rbn-tr82-nfhs", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10650", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08792", "scoring_system": "epss", "scoring_elements": "0.92706", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.08792", "scoring_system": "epss", "scoring_elements": "0.92733", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.08792", "scoring_system": "epss", "scoring_elements": "0.92734", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.08792", "scoring_system": "epss", "scoring_elements": "0.92731", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10650" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10650", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10650" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/FasterXML/jackson-databind", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/pull/2864", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/pull/2864" }, { "reference_url": "https://github.com/luisgarciacheckmarx/LGV_onefile/issues/19", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/luisgarciacheckmarx/LGV_onefile/issues/19" }, { "reference_url": "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230818-0007", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20230818-0007" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/issues/2658", "reference_id": "2658", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/" } ], "url": "https://github.com/FasterXML/jackson-databind/issues/2658" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/a424c038ba0c0d65e579e22001dec925902ac0ef", "reference_id": "a424c038ba0c0d65e579e22001dec925902ac0ef", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/a424c038ba0c0d65e579e22001dec925902ac0ef" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2021.html", "reference_id": "cpujan2021.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2022.html", "reference_id": "cpuoct2022.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2022.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10650", "reference_id": "CVE-2020-10650", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10650" }, { "reference_url": "https://github.com/advisories/GHSA-rpr3-cw39-3pxh", "reference_id": "GHSA-rpr3-cw39-3pxh", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/" } ], "url": "https://github.com/advisories/GHSA-rpr3-cw39-3pxh" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00032.html", "reference_id": "msg00032.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00032.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230818-0007/", "reference_id": "ntap-20230818-0007", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230818-0007/" }, { "reference_url": "https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062", "reference_id": "on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-14T16:21:17Z/" } ], "url": "https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/16392?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-gu8e-dgse-2be4" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-jftj-9w4n-w3dn" }, { "vulnerability": "VCID-pbp8-csc6-57bs" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-v2ad-amun-wqaq" }, { "vulnerability": "VCID-ykb2-yqj3-vfgw" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10.4" } ], "aliases": [ "CVE-2020-10650", "GHSA-rpr3-cw39-3pxh", "GMS-2022-2955" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1rbn-tr82-nfhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8623?format=api", "vulnerability_id": "VCID-1zgj-pwjz-tkf9", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36518.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36518.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36518", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.65315", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.65317", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.65306", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.65206", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42003", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42003" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42004", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42004" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/FasterXML/jackson-databind", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/0a8157c6ca478b1bc7be4ba7dccdb3863275f0de", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/0a8157c6ca478b1bc7be4ba7dccdb3863275f0de" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/3cc52f82ecf943e06c1d7c3b078e405fb3923d2b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/3cc52f82ecf943e06c1d7c3b078e405fb3923d2b" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/8238ab41d0350fb915797c89d46777b4496b74fd", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/8238ab41d0350fb915797c89d46777b4496b74fd" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/b3587924ee5d8695942f364d0d404d48d0ea6126", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/b3587924ee5d8695942f364d0d404d48d0ea6126" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/fcfc4998ec23f0b1f7f8a9521c2b317b6c25892b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/fcfc4998ec23f0b1f7f8a9521c2b317b6c25892b" }, { "reference_url": "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.12" }, { "reference_url": "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220506-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220506-0004" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1007109", "reference_id": "1007109", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1007109" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064698", "reference_id": "2064698", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064698" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/issues/2816", "reference_id": "2816", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:34:26Z/" } ], "url": "https://github.com/FasterXML/jackson-databind/issues/2816" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "cpuapr2022.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:34:26Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "cpujul2022.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:34:26Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36518", "reference_id": "CVE-2020-36518", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36518" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5283", "reference_id": "dsa-5283", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:34:26Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5283" }, { "reference_url": "https://github.com/advisories/GHSA-57j2-w4cx-62h2", "reference_id": "GHSA-57j2-w4cx-62h2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-57j2-w4cx-62h2" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:34:26Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00001.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html", "reference_id": "msg00035.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:34:26Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220506-0004/", "reference_id": "ntap-20220506-0004", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-27T20:34:26Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220506-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2232", "reference_id": "RHSA-2022:2232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4918", "reference_id": "RHSA-2022:4918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4919", "reference_id": "RHSA-2022:4919", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4919" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4922", "reference_id": "RHSA-2022:4922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5029", "reference_id": "RHSA-2022:5029", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5029" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5101", "reference_id": "RHSA-2022:5101", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5101" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5532", "reference_id": "RHSA-2022:5532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5596", "reference_id": "RHSA-2022:5596", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5596" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6407", "reference_id": "RHSA-2022:6407", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6407" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6782", "reference_id": "RHSA-2022:6782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6783", "reference_id": "RHSA-2022:6783", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6783" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6787", "reference_id": "RHSA-2022:6787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6813", "reference_id": "RHSA-2022:6813", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6813" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6819", "reference_id": "RHSA-2022:6819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7409", "reference_id": "RHSA-2022:7409", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7409" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7410", "reference_id": "RHSA-2022:7410", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7410" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7411", "reference_id": "RHSA-2022:7411", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7411" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7417", "reference_id": "RHSA-2022:7417", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7417" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7435", "reference_id": "RHSA-2022:7435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8781", "reference_id": "RHSA-2022:8781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8889", "reference_id": "RHSA-2022:8889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0264", "reference_id": "RHSA-2023:0264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2312", "reference_id": "RHSA-2023:2312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3223", "reference_id": "RHSA-2023:3223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3061", "reference_id": "RHSA-2024:3061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3061" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9582", "reference_id": "RHSA-2025:9582", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9582" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9583", "reference_id": "RHSA-2025:9583", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9583" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/19677?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-rg6h-uhep-kyce" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/19680?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-rg6h-uhep-kyce" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.2.1" } ], "aliases": [ "CVE-2020-36518", "GHSA-57j2-w4cx-62h2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1zgj-pwjz-tkf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/202705?format=api", "vulnerability_id": "VCID-3e79-1pn2-hqbr", "summary": "Moderate severity vulnerability that affects com.fasterxml.jackson.datatype:jackson-datatype-jsr353", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000873.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000873.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000873", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02189", "scoring_system": "epss", "scoring_elements": "0.848", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.02189", "scoring_system": "epss", "scoring_elements": "0.84807", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.02189", "scoring_system": "epss", "scoring_elements": "0.84746", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.02189", "scoring_system": "epss", "scoring_elements": "0.84798", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000873" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665601", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665601" }, { "reference_url": "https://github.com/FasterXML/jackson-modules-java8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-modules-java8" }, { "reference_url": "https://github.com/FasterXML/jackson-modules-java8/issues/90", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-modules-java8/issues/90" }, { "reference_url": "https://github.com/FasterXML/jackson-modules-java8/pull/87", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-modules-java8/pull/87" }, { "reference_url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200904-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20200904-0004" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200904-0004/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20200904-0004/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000873", "reference_id": "CVE-2018-1000873", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000873" }, { "reference_url": "https://github.com/advisories/GHSA-h4x4-5qp2-wp46", "reference_id": "GHSA-h4x4-5qp2-wp46", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h4x4-5qp2-wp46" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5568", "reference_id": "RHSA-2020:5568", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5568" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/14705?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-7zr2-u3f1-jqd1" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9wy4-n4u7-pycp" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-9xet-5e66-1yeb" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-gkxx-gcqv-1kfa" }, { "vulnerability": "VCID-gu8e-dgse-2be4" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j5vg-pbkx-3ya4" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-jftj-9w4n-w3dn" }, { "vulnerability": "VCID-nasd-q68s-nqcu" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-pbp8-csc6-57bs" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-s846-v89n-pfb4" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-v2ad-amun-wqaq" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-yk4b-82wg-auf5" }, { "vulnerability": "VCID-ykb2-yqj3-vfgw" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-yn5b-b6qq-xffs" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" }, { "vulnerability": "VCID-yv39-gzve-yke1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8" } ], "aliases": [ "CVE-2018-1000873", "GHSA-h4x4-5qp2-wp46" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3e79-1pn2-hqbr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6349?format=api", "vulnerability_id": "VCID-6mm1-mbhs-23bw", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0159", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0160", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0161", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0164", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0445", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0445" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14540.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14540.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14540", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06292", "scoring_system": "epss", "scoring_elements": "0.91179", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.06292", "scoring_system": "epss", "scoring_elements": "0.91178", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.06292", "scoring_system": "epss", "scoring_elements": "0.91141", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.06292", "scoring_system": "epss", "scoring_elements": "0.91173", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14379", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14379" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14439", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14439" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16335", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16335" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16943", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16943" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/FasterXML/jackson-databind", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/blob/master/release-notes/VERSION-2.x", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/blob/master/release-notes/VERSION-2.x" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/73c1c2cc76e6cdd7f3a5615cbe3207fe96e4d3db", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/73c1c2cc76e6cdd7f3a5615cbe3207fe96e4d3db" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/d4983c740fec7d5576b207a8c30a63d3ea7443de", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/d4983c740fec7d5576b207a8c30a63d3ea7443de" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/issues/2410", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/issues/2410" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/issues/2449", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/issues/2449" }, { "reference_url": "https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/a4f2c9fb36642a48912cdec6836ec00e497427717c5d377f8d7ccce6@%3Cnotifications.zookeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/a4f2c9fb36642a48912cdec6836ec00e497427717c5d377f8d7ccce6@%3Cnotifications.zookeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb@%3Ccommits.hbase.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb@%3Ccommits.hbase.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r8aaf4ee16bbaf6204731d4770d96ebb34b258cd79b491f9cdd7f2540@%3Ccommits.nifi.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r8aaf4ee16bbaf6204731d4770d96ebb34b258cd79b491f9cdd7f2540@%3Ccommits.nifi.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT" }, { "reference_url": "https://seclists.org/bugtraq/2019/Oct/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://seclists.org/bugtraq/2019/Oct/6" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20191004-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20191004-0002" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4542", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2019/dsa-4542" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755849", "reference_id": "1755849", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755849" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940498", "reference_id": "940498", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940498" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14540", "reference_id": "CVE-2019-14540", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14540" }, { "reference_url": "https://github.com/advisories/GHSA-h822-r4r5-v8jg", "reference_id": "GHSA-h822-r4r5-v8jg", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h822-r4r5-v8jg" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3200", "reference_id": "RHSA-2019:3200", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0895", "reference_id": "RHSA-2020:0895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0899", "reference_id": "RHSA-2020:0899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1644", "reference_id": "RHSA-2020:1644", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1644" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2067", "reference_id": "RHSA-2020:2067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2321", "reference_id": "RHSA-2020:2321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2333", "reference_id": "RHSA-2020:2333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3192", "reference_id": "RHSA-2020:3192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3192" }, { "reference_url": "https://usn.ubuntu.com/USN-4813-1/", "reference_id": "USN-USN-4813-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4813-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/14269?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.6.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-176g-xhm6-37cm" }, { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-epj9-sgcj-2ygr" }, { "vulnerability": "VCID-f9uf-9x2e-dkb5" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kens-84bv-f3g9" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-nd7y-81kk-cbhw" }, { "vulnerability": "VCID-pbp8-csc6-57bs" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-yn5b-b6qq-xffs" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.6.7.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/15621?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/15620?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-7zr2-u3f1-jqd1" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9wy4-n4u7-pycp" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-gkxx-gcqv-1kfa" }, { "vulnerability": "VCID-gu8e-dgse-2be4" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j5vg-pbkx-3ya4" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-jftj-9w4n-w3dn" }, { "vulnerability": "VCID-nasd-q68s-nqcu" }, { "vulnerability": "VCID-pbp8-csc6-57bs" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-s846-v89n-pfb4" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-v2ad-amun-wqaq" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-yk4b-82wg-auf5" }, { "vulnerability": "VCID-ykb2-yqj3-vfgw" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-yn5b-b6qq-xffs" }, { "vulnerability": "VCID-yv39-gzve-yke1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10" } ], "aliases": [ "CVE-2019-14540", "GHSA-h822-r4r5-v8jg" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6mm1-mbhs-23bw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/204802?format=api", "vulnerability_id": "VCID-83rf-bazr-nyfm", "summary": "Polymorphic deserialization of malicious object in jackson-databind", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0729", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0729" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14892.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14892.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14892", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00873", "scoring_system": "epss", "scoring_elements": "0.75748", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00873", "scoring_system": "epss", "scoring_elements": "0.75669", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00873", "scoring_system": "epss", "scoring_elements": "0.75739", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00873", "scoring_system": "epss", "scoring_elements": "0.75753", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14892" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14892", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14892" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14892", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14892" }, { "reference_url": "https://github.com/FasterXML/jackson-databind", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/41b7f9b90149e9d44a65a8261a8deedc7186f6af", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/41b7f9b90149e9d44a65a8261a8deedc7186f6af" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/819cdbcab51c6da9fb896380f2d46e9b7d4fdc3b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/819cdbcab51c6da9fb896380f2d46e9b7d4fdc3b" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/issues/2462", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/issues/2462" }, { "reference_url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200904-0005", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20200904-0005" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200904-0005/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20200904-0005/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758171", "reference_id": "1758171", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758171" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14892", "reference_id": "CVE-2019-14892", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14892" }, { "reference_url": "https://github.com/advisories/GHSA-cf6r-3wgc-h863", "reference_id": "GHSA-cf6r-3wgc-h863", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cf6r-3wgc-h863" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0895", "reference_id": "RHSA-2020:0895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0899", "reference_id": "RHSA-2020:0899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2067", "reference_id": "RHSA-2020:2067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2333", "reference_id": "RHSA-2020:2333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3192", "reference_id": "RHSA-2020:3192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3192" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/14269?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.6.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-176g-xhm6-37cm" }, { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-epj9-sgcj-2ygr" }, { "vulnerability": "VCID-f9uf-9x2e-dkb5" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kens-84bv-f3g9" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-nd7y-81kk-cbhw" }, { "vulnerability": "VCID-pbp8-csc6-57bs" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-yn5b-b6qq-xffs" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.6.7.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/15621?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/15620?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-7zr2-u3f1-jqd1" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9wy4-n4u7-pycp" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-gkxx-gcqv-1kfa" }, { "vulnerability": "VCID-gu8e-dgse-2be4" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j5vg-pbkx-3ya4" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-jftj-9w4n-w3dn" }, { "vulnerability": "VCID-nasd-q68s-nqcu" }, { "vulnerability": "VCID-pbp8-csc6-57bs" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-s846-v89n-pfb4" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-v2ad-amun-wqaq" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-yk4b-82wg-auf5" }, { "vulnerability": "VCID-ykb2-yqj3-vfgw" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-yn5b-b6qq-xffs" }, { "vulnerability": "VCID-yv39-gzve-yke1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10" } ], "aliases": [ "CVE-2019-14892", "GHSA-cf6r-3wgc-h863" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-83rf-bazr-nyfm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/177596?format=api", "vulnerability_id": "VCID-9x2p-xss7-yyae", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0159", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0160", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0161", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0164", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0445", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0729", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0729" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16335.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16335.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16335", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00651", "scoring_system": "epss", "scoring_elements": "0.71448", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00651", "scoring_system": "epss", "scoring_elements": "0.71447", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00651", "scoring_system": "epss", "scoring_elements": "0.71436", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00651", "scoring_system": "epss", "scoring_elements": "0.71348", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16335" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14379", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14379" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14439", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14439" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16335", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16335" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16943", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16943" }, { "reference_url": "https://github.com/FasterXML/jackson-databind", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/73c1c2cc76e6cdd7f3a5615cbe3207fe96e4d3db", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/73c1c2cc76e6cdd7f3a5615cbe3207fe96e4d3db" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/issues/2449", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/issues/2449" }, { "reference_url": "https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb@%3Ccommits.hbase.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb@%3Ccommits.hbase.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Oct/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://seclists.org/bugtraq/2019/Oct/6" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20191004-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20191004-0002" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20191004-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20191004-0002/" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4542", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2019/dsa-4542" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755831", "reference_id": "1755831", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755831" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940498", "reference_id": "940498", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940498" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16335", "reference_id": "CVE-2019-16335", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16335" }, { "reference_url": "https://github.com/advisories/GHSA-85cw-hj65-qqv9", "reference_id": "GHSA-85cw-hj65-qqv9", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-85cw-hj65-qqv9" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3200", "reference_id": "RHSA-2019:3200", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0895", "reference_id": "RHSA-2020:0895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0899", "reference_id": "RHSA-2020:0899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1644", "reference_id": "RHSA-2020:1644", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1644" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2067", "reference_id": "RHSA-2020:2067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2333", "reference_id": "RHSA-2020:2333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3192", "reference_id": "RHSA-2020:3192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3192" }, { "reference_url": "https://usn.ubuntu.com/USN-4813-1/", "reference_id": "USN-USN-4813-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4813-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/14269?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.6.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-176g-xhm6-37cm" }, { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-epj9-sgcj-2ygr" }, { "vulnerability": "VCID-f9uf-9x2e-dkb5" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kens-84bv-f3g9" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-nd7y-81kk-cbhw" }, { "vulnerability": "VCID-pbp8-csc6-57bs" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-yn5b-b6qq-xffs" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.6.7.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/15621?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/15620?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-7zr2-u3f1-jqd1" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9wy4-n4u7-pycp" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-gkxx-gcqv-1kfa" }, { "vulnerability": "VCID-gu8e-dgse-2be4" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j5vg-pbkx-3ya4" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-jftj-9w4n-w3dn" }, { "vulnerability": "VCID-nasd-q68s-nqcu" }, { "vulnerability": "VCID-pbp8-csc6-57bs" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-s846-v89n-pfb4" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-v2ad-amun-wqaq" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-yk4b-82wg-auf5" }, { "vulnerability": "VCID-ykb2-yqj3-vfgw" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-yn5b-b6qq-xffs" }, { "vulnerability": "VCID-yv39-gzve-yke1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10" } ], "aliases": [ "CVE-2019-16335", "GHSA-85cw-hj65-qqv9" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9x2p-xss7-yyae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/165146?format=api", "vulnerability_id": "VCID-epj9-sgcj-2ygr", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3189", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3189" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3190", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0576", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0576" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0577", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0577" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2927", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2927" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15095.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15095.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15095", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07697", "scoring_system": "epss", "scoring_elements": "0.92132", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.07697", "scoring_system": "epss", "scoring_elements": "0.92102", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.07697", "scoring_system": "epss", "scoring_elements": "0.92129", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.07697", "scoring_system": "epss", "scoring_elements": "0.92135", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15095" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15095", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15095" }, { "reference_url": "https://github.com/FasterXML/jackson-databind", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/a054585e2175ad0882f07bcafedecfac86230f1b", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/a054585e2175ad0882f07bcafedecfac86230f1b" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/a3939d36edcc755c8af55bdc1969e0fa8438f9db", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/a3939d36edcc755c8af55bdc1969e0fa8438f9db" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/ddfddfba6414adbecaff99684ef66eebd3a92e92", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/ddfddfba6414adbecaff99684ef66eebd3a92e92" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/e865a7a4464da63ded9f4b1a2328ad85c9ded78b", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/e865a7a4464da63ded9f4b1a2328ad85c9ded78b" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/e8f043d1aac9b82eee907e0f0c3abbdea723a935", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/e8f043d1aac9b82eee907e0f0c3abbdea723a935" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/issues/1680", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/issues/1680" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/issues/1737", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/issues/1737" }, { "reference_url": "https://github.com/tolbertam/jackson-databind/commit/80566a0f96b2003863f9d8f9ccc3b562001e147b", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/tolbertam/jackson-databind/commit/80566a0f96b2003863f9d8f9ccc3b562001e147b" }, { "reference_url": "https://lists.apache.org/thread.html/f095a791bda6c0595f691eddd0febb2d396987eec5cbd29120d8c629@%3Csolr-user.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/f095a791bda6c0595f691eddd0febb2d396987eec5cbd29120d8c629@%3Csolr-user.lucene.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00037.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00037.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20171214-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20171214-0003" }, { "reference_url": "https://web.archive.org/web/20200401000000*/http://www.securityfocus.com/bid/103880", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200401000000*/http://www.securityfocus.com/bid/103880" }, { "reference_url": "https://web.archive.org/web/20201221192044/http://www.securitytracker.com/id/1039769", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201221192044/http://www.securitytracker.com/id/1039769" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4037", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2017/dsa-4037" }, { "reference_url": "http://www.securityfocus.com/bid/103880", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/103880" }, { "reference_url": "http://www.securitytracker.com/id/1039769", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039769" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612", "reference_id": "1506612", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095", "reference_id": "CVE-2017-15095", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095" }, { "reference_url": "https://github.com/advisories/GHSA-h592-38cm-4ggp", "reference_id": "GHSA-h592-38cm-4ggp", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h592-38cm-4ggp" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0342", "reference_id": "RHSA-2018:0342", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0478", "reference_id": "RHSA-2018:0478", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0479", "reference_id": "RHSA-2018:0479", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0480", "reference_id": "RHSA-2018:0480", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0481", "reference_id": "RHSA-2018:0481", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1447", "reference_id": "RHSA-2018:1447", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1447" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1448", "reference_id": "RHSA-2018:1448", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1448" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1449", "reference_id": "RHSA-2018:1449", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1450", "reference_id": "RHSA-2018:1450", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1451", "reference_id": "RHSA-2018:1451", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2858", "reference_id": "RHSA-2019:2858", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3149", "reference_id": "RHSA-2019:3149", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3149" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3892", "reference_id": "RHSA-2019:3892", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3892" }, { "reference_url": "https://usn.ubuntu.com/4741-1/", "reference_id": "USN-4741-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4741-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/14269?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.6.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-176g-xhm6-37cm" }, { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-epj9-sgcj-2ygr" }, { "vulnerability": "VCID-f9uf-9x2e-dkb5" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kens-84bv-f3g9" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-nd7y-81kk-cbhw" }, { "vulnerability": "VCID-pbp8-csc6-57bs" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-yn5b-b6qq-xffs" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.6.7.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/14267?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-176g-xhm6-37cm" }, { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-9xet-5e66-1yeb" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-aswz-ykun-tuhz" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-cdde-bu2g-33hc" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-dcvw-72d9-kuda" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-f9uf-9x2e-dkb5" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-kens-84bv-f3g9" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-nd7y-81kk-cbhw" }, { "vulnerability": "VCID-punf-m42j-27g8" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/389970?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-176g-xhm6-37cm" }, { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-9xet-5e66-1yeb" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-aswz-ykun-tuhz" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-cdde-bu2g-33hc" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-dcvw-72d9-kuda" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-f9uf-9x2e-dkb5" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-kens-84bv-f3g9" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-nd7y-81kk-cbhw" }, { "vulnerability": "VCID-punf-m42j-27g8" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/14270?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-176g-xhm6-37cm" }, { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-9xet-5e66-1yeb" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-aswz-ykun-tuhz" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-cdde-bu2g-33hc" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-dcvw-72d9-kuda" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-f9uf-9x2e-dkb5" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-kens-84bv-f3g9" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-nd7y-81kk-cbhw" }, { "vulnerability": "VCID-punf-m42j-27g8" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/420445?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.0.pr1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-176g-xhm6-37cm" }, { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-7zr2-u3f1-jqd1" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9wy4-n4u7-pycp" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-9xet-5e66-1yeb" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-aswz-ykun-tuhz" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-cdde-bu2g-33hc" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-dcvw-72d9-kuda" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-f9uf-9x2e-dkb5" }, { "vulnerability": "VCID-gkxx-gcqv-1kfa" }, { "vulnerability": "VCID-gu8e-dgse-2be4" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j5vg-pbkx-3ya4" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-jftj-9w4n-w3dn" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-kens-84bv-f3g9" }, { "vulnerability": "VCID-nasd-q68s-nqcu" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-nd7y-81kk-cbhw" }, { "vulnerability": "VCID-pbp8-csc6-57bs" }, { "vulnerability": "VCID-punf-m42j-27g8" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-s846-v89n-pfb4" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-v2ad-amun-wqaq" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-yk4b-82wg-auf5" }, { "vulnerability": "VCID-ykb2-yqj3-vfgw" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-yn5b-b6qq-xffs" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" }, { "vulnerability": "VCID-yv39-gzve-yke1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.0.pr1" }, { "url": "http://public2.vulnerablecode.io/api/packages/389971?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-176g-xhm6-37cm" }, { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-7zr2-u3f1-jqd1" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9wy4-n4u7-pycp" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-9xet-5e66-1yeb" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-aswz-ykun-tuhz" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-cdde-bu2g-33hc" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-dcvw-72d9-kuda" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-f9uf-9x2e-dkb5" }, { "vulnerability": "VCID-gkxx-gcqv-1kfa" }, { "vulnerability": "VCID-gu8e-dgse-2be4" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j5vg-pbkx-3ya4" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-jftj-9w4n-w3dn" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-kens-84bv-f3g9" }, { "vulnerability": "VCID-nasd-q68s-nqcu" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-nd7y-81kk-cbhw" }, { "vulnerability": "VCID-pbp8-csc6-57bs" }, { "vulnerability": "VCID-punf-m42j-27g8" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-s846-v89n-pfb4" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-v2ad-amun-wqaq" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-yk4b-82wg-auf5" }, { "vulnerability": "VCID-ykb2-yqj3-vfgw" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-yn5b-b6qq-xffs" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" }, { "vulnerability": "VCID-yv39-gzve-yke1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/14266?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-176g-xhm6-37cm" }, { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-7zr2-u3f1-jqd1" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9wy4-n4u7-pycp" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-9xet-5e66-1yeb" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-aswz-ykun-tuhz" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-cdde-bu2g-33hc" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-dcvw-72d9-kuda" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-f9uf-9x2e-dkb5" }, { "vulnerability": "VCID-gkxx-gcqv-1kfa" }, { "vulnerability": "VCID-gu8e-dgse-2be4" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j5vg-pbkx-3ya4" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-jftj-9w4n-w3dn" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-nasd-q68s-nqcu" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-nd7y-81kk-cbhw" }, { "vulnerability": "VCID-pbp8-csc6-57bs" }, { "vulnerability": "VCID-punf-m42j-27g8" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-s846-v89n-pfb4" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-v2ad-amun-wqaq" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-yk4b-82wg-auf5" }, { "vulnerability": "VCID-ykb2-yqj3-vfgw" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-yn5b-b6qq-xffs" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" }, { "vulnerability": "VCID-yv39-gzve-yke1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.4" } ], "aliases": [ "CVE-2017-15095", "GHSA-h592-38cm-4ggp" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-epj9-sgcj-2ygr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30219?format=api", "vulnerability_id": "VCID-f9uf-9x2e-dkb5", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1786", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2088", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2088" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2089", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2089" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2090", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2090" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2938", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2938" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7489.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7489.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-7489", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.36207", "scoring_system": "epss", "scoring_elements": "0.97218", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.36207", "scoring_system": "epss", "scoring_elements": "0.97209", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.36207", "scoring_system": "epss", "scoring_elements": "0.97219", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.36207", "scoring_system": "epss", "scoring_elements": "0.97216", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-7489" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7489", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7489" }, { "reference_url": "https://github.com/FasterXML/jackson-databind", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/60d459cedcf079c6106ae7da2ac562bc32dcabe1", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/FasterXML/jackson-databind/commit/60d459cedcf079c6106ae7da2ac562bc32dcabe1" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/6799f8f10cc78e9af6d443ed6982d00a13f2e7d2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/6799f8f10cc78e9af6d443ed6982d00a13f2e7d2" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/bc22f90eb7f896ace9567598a99cb1ff6e0f9d9d", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/bc22f90eb7f896ace9567598a99cb1ff6e0f9d9d" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/c921f0935d5e41bf206e702d8077a275ba1a6efc", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/c921f0935d5e41bf206e702d8077a275ba1a6efc" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/ca2bfc86af82a1479112004b663ba74c760752e6", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/ca2bfc86af82a1479112004b663ba74c760752e6" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/ddfddfba6414adbecaff99684ef66eebd3a92e92", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/FasterXML/jackson-databind/commit/ddfddfba6414adbecaff99684ef66eebd3a92e92" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/e66c0a9d3c926ff1b63bf586c824ead1d02f2a3d", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/e66c0a9d3c926ff1b63bf586c824ead1d02f2a3d" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/e8f043d1aac9b82eee907e0f0c3abbdea723a935", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/FasterXML/jackson-databind/commit/e8f043d1aac9b82eee907e0f0c3abbdea723a935" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/issues/1931", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/issues/1931" }, { "reference_url": "https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180328-0001", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20180328-0001" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180328-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20180328-0001/" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4190", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2018/dsa-4190" }, { "reference_url": "http://www.securityfocus.com/bid/103203", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/103203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276", "reference_id": "1549276", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891614", "reference_id": "891614", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891614" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489", "reference_id": "CVE-2018-7489", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489" }, { "reference_url": "https://github.com/advisories/GHSA-cggj-fvv3-cqwv", "reference_id": "GHSA-cggj-fvv3-cqwv", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cggj-fvv3-cqwv" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1447", "reference_id": "RHSA-2018:1447", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1447" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1448", "reference_id": "RHSA-2018:1448", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1448" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1449", "reference_id": "RHSA-2018:1449", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1450", "reference_id": "RHSA-2018:1450", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1451", "reference_id": "RHSA-2018:1451", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2939", "reference_id": "RHSA-2018:2939", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:2939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2858", "reference_id": "RHSA-2019:2858", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3149", "reference_id": "RHSA-2019:3149", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3149" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2562", "reference_id": "RHSA-2020:2562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2562" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/13804?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.6.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-176g-xhm6-37cm" }, { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-epj9-sgcj-2ygr" }, { "vulnerability": "VCID-f9uf-9x2e-dkb5" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-kens-84bv-f3g9" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-nd7y-81kk-cbhw" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.6.7.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/13799?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-176g-xhm6-37cm" }, { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-9xet-5e66-1yeb" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-aswz-ykun-tuhz" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-cdde-bu2g-33hc" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-dcvw-72d9-kuda" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-kens-84bv-f3g9" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-nd7y-81kk-cbhw" }, { "vulnerability": "VCID-punf-m42j-27g8" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-skpt-rvj3-2yev" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/13803?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-176g-xhm6-37cm" }, { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-9xet-5e66-1yeb" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-aswz-ykun-tuhz" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-cdde-bu2g-33hc" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-dcvw-72d9-kuda" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-nd7y-81kk-cbhw" }, { "vulnerability": "VCID-punf-m42j-27g8" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-skpt-rvj3-2yev" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/13801?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-176g-xhm6-37cm" }, { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-7zr2-u3f1-jqd1" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9wy4-n4u7-pycp" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-9xet-5e66-1yeb" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-aswz-ykun-tuhz" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-cdde-bu2g-33hc" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-dcvw-72d9-kuda" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-gkxx-gcqv-1kfa" }, { "vulnerability": "VCID-gu8e-dgse-2be4" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j5vg-pbkx-3ya4" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-jftj-9w4n-w3dn" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-nasd-q68s-nqcu" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-nd7y-81kk-cbhw" }, { "vulnerability": "VCID-pbp8-csc6-57bs" }, { "vulnerability": "VCID-punf-m42j-27g8" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-s846-v89n-pfb4" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-v2ad-amun-wqaq" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-yk4b-82wg-auf5" }, { "vulnerability": "VCID-ykb2-yqj3-vfgw" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-yn5b-b6qq-xffs" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" }, { "vulnerability": "VCID-yv39-gzve-yke1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.5" } ], "aliases": [ "CVE-2018-7489", "GHSA-cggj-fvv3-cqwv" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f9uf-9x2e-dkb5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5657?format=api", "vulnerability_id": "VCID-kens-84bv-f3g9", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1525", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1525" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5968.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5968.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5968", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01965", "scoring_system": "epss", "scoring_elements": "0.83905", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01965", "scoring_system": "epss", "scoring_elements": "0.83962", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01965", "scoring_system": "epss", "scoring_elements": "0.8397", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01965", "scoring_system": "epss", "scoring_elements": "0.83966", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17485", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17485" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5968" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/FasterXML/jackson-databind", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/038b471e2efde2e8f96b4e0be958d3e5a1ff1d0", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/038b471e2efde2e8f96b4e0be958d3e5a1ff1d0" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/03ea0bec6293d4330b5ad19d1d62aca0e3cb6381", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/03ea0bec6293d4330b5ad19d1d62aca0e3cb6381" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/454be8bb8c913be18298327a84ca45a280b61605", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/454be8bb8c913be18298327a84ca45a280b61605" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/issues/1899", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/issues/1899" }, { "reference_url": "https://github.com/GulajavaMinistudio/jackson-databind/pull/92/commits/038b471e2efde2e8f96b4e0be958d3e5a1ff1d05", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/GulajavaMinistudio/jackson-databind/pull/92/commits/038b471e2efde2e8f96b4e0be958d3e5a1ff1d05" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180423-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20180423-0002" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180423-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20180423-0002/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538332", "reference_id": "1538332", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538332" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888316", "reference_id": "888316", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888316" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5968", "reference_id": "CVE-2018-5968", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5968" }, { "reference_url": "https://github.com/advisories/GHSA-w3f4-3q6j-rh82", "reference_id": "GHSA-w3f4-3q6j-rh82", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w3f4-3q6j-rh82" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0478", "reference_id": "RHSA-2018:0478", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0479", "reference_id": "RHSA-2018:0479", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0480", "reference_id": "RHSA-2018:0480", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0481", "reference_id": "RHSA-2018:0481", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2858", "reference_id": "RHSA-2019:2858", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3149", "reference_id": "RHSA-2019:3149", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3149" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/14701?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-9xet-5e66-1yeb" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/13803?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-176g-xhm6-37cm" }, { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-9xet-5e66-1yeb" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-aswz-ykun-tuhz" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-cdde-bu2g-33hc" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-dcvw-72d9-kuda" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-nd7y-81kk-cbhw" }, { "vulnerability": "VCID-punf-m42j-27g8" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-skpt-rvj3-2yev" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/14266?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-176g-xhm6-37cm" }, { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-7zr2-u3f1-jqd1" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9wy4-n4u7-pycp" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-9xet-5e66-1yeb" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-aswz-ykun-tuhz" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-cdde-bu2g-33hc" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-dcvw-72d9-kuda" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-f9uf-9x2e-dkb5" }, { "vulnerability": "VCID-gkxx-gcqv-1kfa" }, { "vulnerability": "VCID-gu8e-dgse-2be4" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j5vg-pbkx-3ya4" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-jftj-9w4n-w3dn" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-nasd-q68s-nqcu" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-nd7y-81kk-cbhw" }, { "vulnerability": "VCID-pbp8-csc6-57bs" }, { "vulnerability": "VCID-punf-m42j-27g8" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-s846-v89n-pfb4" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-v2ad-amun-wqaq" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-yk4b-82wg-auf5" }, { "vulnerability": "VCID-ykb2-yqj3-vfgw" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-yn5b-b6qq-xffs" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" }, { "vulnerability": "VCID-yv39-gzve-yke1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.4" } ], "aliases": [ "CVE-2018-5968", "GHSA-w3f4-3q6j-rh82" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kens-84bv-f3g9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30300?format=api", "vulnerability_id": "VCID-kmda-42tq-vudq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1834", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:1834" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1835", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:1835" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1836", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:1836" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1837", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:1837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1839", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:1839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1840", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:1840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2477", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2546", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2546" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2547", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2547" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2633", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2633" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2635", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2635" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2636", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2636" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2637", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2637" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2638", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2638" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3141", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3141" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3454", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3454" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3455", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3456", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3458", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0294", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0294" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0910", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:0910" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7525.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7525.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7525", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.82146", "scoring_system": "epss", "scoring_elements": "0.99238", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.82146", "scoring_system": "epss", "scoring_elements": "0.99236", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.82146", "scoring_system": "epss", "scoring_elements": "0.99239", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7525" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7525", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7525" }, { "reference_url": "https://cwiki.apache.org/confluence/display/WW/S2-055", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cwiki.apache.org/confluence/display/WW/S2-055" }, { "reference_url": "https://github.com/FasterXML/jackson-databind", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/3bfbb835e530055c1941ddf87fde0b08d08dcd38", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/3bfbb835e530055c1941ddf87fde0b08d08dcd38" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/60d459cedcf079c6106ae7da2ac562bc32dcabe1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/60d459cedcf079c6106ae7da2ac562bc32dcabe1" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/680d75b011edd67a2d2a2e9980998a968194c2ef", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/680d75b011edd67a2d2a2e9980998a968194c2ef" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/6ce32ffd18facac6abdbbf559c817b47fcb622c1", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/6ce32ffd18facac6abdbbf559c817b47fcb622c1" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/90042692085deeb05ae75c569c9909f7dba24415", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/90042692085deeb05ae75c569c9909f7dba24415" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/ddfddfba6414adbecaff99684ef66eebd3a92e92", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/FasterXML/jackson-databind/commit/ddfddfba6414adbecaff99684ef66eebd3a92e92" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/e8f043d1aac9b82eee907e0f0c3abbdea723a935", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/FasterXML/jackson-databind/commit/e8f043d1aac9b82eee907e0f0c3abbdea723a935" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/fa87c1ddbe803ebb7295f5c2ebfe38e12f6e6162", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/fa87c1ddbe803ebb7295f5c2ebfe38e12f6e6162" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/fd8dec2c7fab8b4b4bd60502a0f1d63ec23c24da", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/fd8dec2c7fab8b4b4bd60502a0f1d63ec23c24da" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/issues/1599", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/issues/1599" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/issues/1723", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/issues/1723" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/issues/1737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/FasterXML/jackson-databind/issues/1737" }, { "reference_url": "https://lists.apache.org/thread.html/3c87dc8bca99a2b3b4743713b33d1de05b1d6b761fdf316224e9c81f@%3Cdev.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/3c87dc8bca99a2b3b4743713b33d1de05b1d6b761fdf316224e9c81f@%3Cdev.lucene.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/4641ed8616ccc2c1fbddac2c3dc9900c96387bc226eaf0232d61909b@%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/4641ed8616ccc2c1fbddac2c3dc9900c96387bc226eaf0232d61909b@%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/5008bcbd45ee65ce39e4220b6ac53d28a24d6bc67d5804e9773a7399@%3Csolr-user.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/5008bcbd45ee65ce39e4220b6ac53d28a24d6bc67d5804e9773a7399@%3Csolr-user.lucene.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b1f33fe5ade396bb903fdcabe9f243f7692c7dfce5418d3743c2d346@%3Cdev.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b1f33fe5ade396bb903fdcabe9f243f7692c7dfce5418d3743c2d346@%3Cdev.lucene.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c10a2bf0fdc3d25faf17bd191d6ec46b29a353fa9c97bebd7c4e5913@%3Cdev.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c10a2bf0fdc3d25faf17bd191d6ec46b29a353fa9c97bebd7c4e5913@%3Cdev.lucene.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c2ed4c0126b43e324cf740012a0edd371fd36096fd777be7bfe7a2a6@%3Cdev.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c2ed4c0126b43e324cf740012a0edd371fd36096fd777be7bfe7a2a6@%3Cdev.lucene.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/c9d5ff20929e8a3c8794facf4c4b326a9c10618812eec356caa20b87@%3Csolr-user.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/c9d5ff20929e8a3c8794facf4c4b326a9c10618812eec356caa20b87@%3Csolr-user.lucene.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f095a791bda6c0595f691eddd0febb2d396987eec5cbd29120d8c629@%3Csolr-user.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/f095a791bda6c0595f691eddd0febb2d396987eec5cbd29120d8c629@%3Csolr-user.lucene.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f60afd3c7e9ebaaf70fad4a4beb75cf8740ac959017a31e7006c7486@%3Cdev.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/f60afd3c7e9ebaaf70fad4a4beb75cf8740ac959017a31e7006c7486@%3Cdev.lucene.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r42ac3e39e6265db12d9fc6ae1cd4b5fea7aed9830dc6f6d58228fed7@%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r42ac3e39e6265db12d9fc6ae1cd4b5fea7aed9830dc6f6d58228fed7@%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r68acf97f4526ba59a33cc6e592261ea4f85d890f99e79c82d57dd589@%3Cissues.spark.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r68acf97f4526ba59a33cc6e592261ea4f85d890f99e79c82d57dd589@%3Cissues.spark.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf7f87810c38dc9abf9f93989f76008f504cbf7c1a355214640b2d04c@%3Ccommits.cassandra.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf7f87810c38dc9abf9f93989f76008f504cbf7c1a355214640b2d04c@%3Ccommits.cassandra.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00037.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00037.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00039.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00039.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20171214-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20171214-0002" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4004", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2017/dsa-4004" }, { "reference_url": "http://www.securityfocus.com/bid/99623", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/99623" }, { "reference_url": "http://www.securitytracker.com/id/1039744", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039744" }, { "reference_url": "http://www.securitytracker.com/id/1039947", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039947" }, { "reference_url": "http://www.securitytracker.com/id/1040360", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040360" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870848", "reference_id": "870848", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870848" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525", "reference_id": "CVE-2017-7525", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525" }, { "reference_url": "https://github.com/advisories/GHSA-qxxx-2pp7-5hmx", "reference_id": "GHSA-qxxx-2pp7-5hmx", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qxxx-2pp7-5hmx" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0342", "reference_id": "RHSA-2018:0342", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1449", "reference_id": "RHSA-2018:1449", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1450", "reference_id": "RHSA-2018:1450", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2858", "reference_id": "RHSA-2019:2858", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3149", "reference_id": "RHSA-2019:3149", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3149" }, { "reference_url": "https://usn.ubuntu.com/4741-1/", "reference_id": "USN-4741-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4741-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/13753?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.6.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-176g-xhm6-37cm" }, { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-cdde-bu2g-33hc" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-dcvw-72d9-kuda" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-epj9-sgcj-2ygr" }, { "vulnerability": "VCID-f9uf-9x2e-dkb5" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-kens-84bv-f3g9" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-nd7y-81kk-cbhw" }, { "vulnerability": "VCID-pbp8-csc6-57bs" }, { "vulnerability": "VCID-punf-m42j-27g8" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-yn5b-b6qq-xffs" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.6.7.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/13758?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-176g-xhm6-37cm" }, { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-9xet-5e66-1yeb" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-aswz-ykun-tuhz" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-cdde-bu2g-33hc" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-dcvw-72d9-kuda" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-epj9-sgcj-2ygr" }, { "vulnerability": "VCID-f9uf-9x2e-dkb5" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-kens-84bv-f3g9" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-nd7y-81kk-cbhw" }, { "vulnerability": "VCID-punf-m42j-27g8" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/13755?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-176g-xhm6-37cm" }, { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-9xet-5e66-1yeb" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-aswz-ykun-tuhz" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-cdde-bu2g-33hc" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-dcvw-72d9-kuda" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-epj9-sgcj-2ygr" }, { "vulnerability": "VCID-f9uf-9x2e-dkb5" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-kens-84bv-f3g9" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-nd7y-81kk-cbhw" }, { "vulnerability": "VCID-punf-m42j-27g8" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.9" } ], "aliases": [ "CVE-2017-7525", "GHSA-qxxx-2pp7-5hmx" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kmda-42tq-vudq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6577?format=api", "vulnerability_id": "VCID-ncr4-82xp-eqh5", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0159", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0160", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0161", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0164", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0445", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0445" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17267.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17267.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17267", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01195", "scoring_system": "epss", "scoring_elements": "0.79278", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01195", "scoring_system": "epss", "scoring_elements": "0.79343", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01195", "scoring_system": "epss", "scoring_elements": "0.79356", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01195", "scoring_system": "epss", "scoring_elements": "0.79352", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17267" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17267", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17267" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/FasterXML/jackson-databind", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/191a4cdf87b56d2ddddb77edd895ee756b7f75eb", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/191a4cdf87b56d2ddddb77edd895ee756b7f75eb" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.3...jackson-databind-2.9.10", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.3...jackson-databind-2.9.10" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/issues/2460", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/issues/2460" }, { "reference_url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r9d727fc681fb3828794acbefcaee31393742b4d73a29461ccd9597a8@%3Cdev.skywalking.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r9d727fc681fb3828794acbefcaee31393742b4d73a29461ccd9597a8@%3Cdev.skywalking.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20191017-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20191017-0006" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20191017-0006/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20191017-0006/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758167", "reference_id": "1758167", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758167" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17267", "reference_id": "CVE-2019-17267", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17267" }, { "reference_url": "https://github.com/advisories/GHSA-f3j5-rmmp-3fc5", "reference_id": "GHSA-f3j5-rmmp-3fc5", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f3j5-rmmp-3fc5" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3200", "reference_id": "RHSA-2019:3200", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0895", "reference_id": "RHSA-2020:0895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0899", "reference_id": "RHSA-2020:0899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2067", "reference_id": "RHSA-2020:2067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2321", "reference_id": "RHSA-2020:2321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2333", "reference_id": "RHSA-2020:2333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3192", "reference_id": "RHSA-2020:3192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3192" }, { "reference_url": "https://usn.ubuntu.com/USN-4813-1/", "reference_id": "USN-USN-4813-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4813-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/15621?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/15620?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-7zr2-u3f1-jqd1" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9wy4-n4u7-pycp" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-gkxx-gcqv-1kfa" }, { "vulnerability": "VCID-gu8e-dgse-2be4" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j5vg-pbkx-3ya4" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-jftj-9w4n-w3dn" }, { "vulnerability": "VCID-nasd-q68s-nqcu" }, { "vulnerability": "VCID-pbp8-csc6-57bs" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-s846-v89n-pfb4" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-v2ad-amun-wqaq" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-yk4b-82wg-auf5" }, { "vulnerability": "VCID-ykb2-yqj3-vfgw" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-yn5b-b6qq-xffs" }, { "vulnerability": "VCID-yv39-gzve-yke1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10" } ], "aliases": [ "CVE-2019-17267", "GHSA-f3j5-rmmp-3fc5" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ncr4-82xp-eqh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175014?format=api", "vulnerability_id": "VCID-skzq-uaju-hqa7", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0782", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:0782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:0877", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:0877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1822", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1823", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2804", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3002", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3140", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:4037", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:4037" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14718.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14718.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14718", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14515", "scoring_system": "epss", "scoring_elements": "0.94634", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.14515", "scoring_system": "epss", "scoring_elements": "0.94635", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.14515", "scoring_system": "epss", "scoring_elements": "0.94628", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.14515", "scoring_system": "epss", "scoring_elements": "0.9461", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14718" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14718" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14719" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14720" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086" }, { "reference_url": "https://github.com/FasterXML/jackson-databind", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/issues/2097", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/issues/2097" }, { "reference_url": "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7" }, { "reference_url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html" }, { "reference_url": "https://seclists.org/bugtraq/2019/May/68", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://seclists.org/bugtraq/2019/May/68" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190530-0003", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190530-0003" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190530-0003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190530-0003/" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4452", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2019/dsa-4452" }, { "reference_url": "http://www.securityfocus.com/bid/106601", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/106601" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666415", "reference_id": "1666415", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666415" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718", "reference_id": "CVE-2018-14718", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718" }, { "reference_url": "https://github.com/advisories/GHSA-645p-88qh-w398", "reference_id": "GHSA-645p-88qh-w398", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-645p-88qh-w398" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1782", "reference_id": "RHSA-2019:1782", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1797", "reference_id": "RHSA-2019:1797", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2858", "reference_id": "RHSA-2019:2858", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:2858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3149", "reference_id": "RHSA-2019:3149", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3149" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3892", "reference_id": "RHSA-2019:3892", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2019:3892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2564", "reference_id": "RHSA-2020:2564", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2564" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1230", "reference_id": "RHSA-2021:1230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1515", "reference_id": "RHSA-2021:1515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1515" }, { "reference_url": "https://usn.ubuntu.com/USN-4813-1/", "reference_id": "USN-USN-4813-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4813-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/16478?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.6.7.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-176g-xhm6-37cm" }, { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-cdde-bu2g-33hc" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-dcvw-72d9-kuda" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-epj9-sgcj-2ygr" }, { "vulnerability": "VCID-f9uf-9x2e-dkb5" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kens-84bv-f3g9" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-nd7y-81kk-cbhw" }, { "vulnerability": "VCID-pbp8-csc6-57bs" }, { "vulnerability": "VCID-punf-m42j-27g8" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-yn5b-b6qq-xffs" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.6.7.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/14269?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.6.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-176g-xhm6-37cm" }, { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-epj9-sgcj-2ygr" }, { "vulnerability": "VCID-f9uf-9x2e-dkb5" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kens-84bv-f3g9" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-nd7y-81kk-cbhw" }, { "vulnerability": "VCID-pbp8-csc6-57bs" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-yn5b-b6qq-xffs" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.6.7.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/14701?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-9xet-5e66-1yeb" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/14703?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-9xet-5e66-1yeb" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/14704?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-7zr2-u3f1-jqd1" }, { "vulnerability": "VCID-83rf-bazr-nyfm" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9wy4-n4u7-pycp" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-9xet-5e66-1yeb" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-cdde-bu2g-33hc" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-dcvw-72d9-kuda" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-gkxx-gcqv-1kfa" }, { "vulnerability": "VCID-gu8e-dgse-2be4" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j5vg-pbkx-3ya4" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-jftj-9w4n-w3dn" }, { "vulnerability": "VCID-nasd-q68s-nqcu" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-pbp8-csc6-57bs" }, { "vulnerability": "VCID-punf-m42j-27g8" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-s846-v89n-pfb4" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-v2ad-amun-wqaq" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-yk4b-82wg-auf5" }, { "vulnerability": "VCID-ykb2-yqj3-vfgw" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-yn5b-b6qq-xffs" }, { "vulnerability": "VCID-ysq3-uksg-8uhe" }, { "vulnerability": "VCID-yv39-gzve-yke1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.7" } ], "aliases": [ "CVE-2018-14718", "GHSA-645p-88qh-w398" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-skzq-uaju-hqa7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/204809?format=api", "vulnerability_id": "VCID-ysq3-uksg-8uhe", "summary": "Polymorphic deserialization of malicious object in jackson-databind", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0729", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2020:0729" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14893.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14893.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14893", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00956", "scoring_system": "epss", "scoring_elements": "0.76956", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00956", "scoring_system": "epss", "scoring_elements": "0.76941", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00956", "scoring_system": "epss", "scoring_elements": "0.76949", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00956", "scoring_system": "epss", "scoring_elements": "0.76871", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14893" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14893", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14893" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/commit/998efd708284778f29d83d7962a9bd935c228317", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/commit/998efd708284778f29d83d7962a9bd935c228317" }, { "reference_url": "https://github.com/FasterXML/jackson-databind/issues/2469", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FasterXML/jackson-databind/issues/2469" }, { "reference_url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200327-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20200327-0006" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200327-0006/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20200327-0006/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758182", "reference_id": "1758182", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758182" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14893", "reference_id": "CVE-2019-14893", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14893" }, { "reference_url": "https://github.com/advisories/GHSA-qmqc-x3r4-6v39", "reference_id": "GHSA-qmqc-x3r4-6v39", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qmqc-x3r4-6v39" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0895", "reference_id": "RHSA-2020:0895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:0899", "reference_id": "RHSA-2020:0899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:0899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2067", "reference_id": "RHSA-2020:2067", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2067" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2333", "reference_id": "RHSA-2020:2333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3192", "reference_id": "RHSA-2020:3192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3192" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/15621?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-3e79-1pn2-hqbr" }, { "vulnerability": "VCID-5j5q-hb8b-7ybh" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-6mm1-mbhs-23bw" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9x2p-xss7-yyae" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-kecy-wbgw-x7fu" }, { "vulnerability": "VCID-ncr4-82xp-eqh5" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-skzq-uaju-hqa7" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-wcx6-jegk-mqg5" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.11.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/15620?format=api", "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1rbn-tr82-nfhs" }, { "vulnerability": "VCID-1zgj-pwjz-tkf9" }, { "vulnerability": "VCID-5qe3-9uq1-w3fa" }, { "vulnerability": "VCID-7zr2-u3f1-jqd1" }, { "vulnerability": "VCID-9gek-hwbv-87hc" }, { "vulnerability": "VCID-9wva-fncp-5khs" }, { "vulnerability": "VCID-9wy4-n4u7-pycp" }, { "vulnerability": "VCID-a4ns-753v-f3a4" }, { "vulnerability": "VCID-beub-gxyy-ckaq" }, { "vulnerability": "VCID-bwma-hhuz-8kes" }, { "vulnerability": "VCID-c6yp-rbn5-ybft" }, { "vulnerability": "VCID-d7fc-apg8-tyh5" }, { "vulnerability": "VCID-e865-k4uj-u7dc" }, { "vulnerability": "VCID-ebf2-rfym-xuck" }, { "vulnerability": "VCID-gkxx-gcqv-1kfa" }, { "vulnerability": "VCID-gu8e-dgse-2be4" }, { "vulnerability": "VCID-h5z6-4yu2-27dn" }, { "vulnerability": "VCID-j54g-s28q-cuhs" }, { "vulnerability": "VCID-j5vg-pbkx-3ya4" }, { "vulnerability": "VCID-j7qz-xhu9-aydr" }, { "vulnerability": "VCID-jftj-9w4n-w3dn" }, { "vulnerability": "VCID-nasd-q68s-nqcu" }, { "vulnerability": "VCID-pbp8-csc6-57bs" }, { "vulnerability": "VCID-rg6h-uhep-kyce" }, { "vulnerability": "VCID-rwt6-z926-bfht" }, { "vulnerability": "VCID-s846-v89n-pfb4" }, { "vulnerability": "VCID-tgta-jaet-vfd3" }, { "vulnerability": "VCID-v2ad-amun-wqaq" }, { "vulnerability": "VCID-y8zh-9nz1-6bh4" }, { "vulnerability": "VCID-yk4b-82wg-auf5" }, { "vulnerability": "VCID-ykb2-yqj3-vfgw" }, { "vulnerability": "VCID-ymmu-u1mr-v7ae" }, { "vulnerability": "VCID-yn5b-b6qq-xffs" }, { "vulnerability": "VCID-yv39-gzve-yke1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.10" } ], "aliases": [ "CVE-2019-14893", "GHSA-qmqc-x3r4-6v39" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ysq3-uksg-8uhe" } ], "fixing_vulnerabilities": [], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.0.0-RC3" }