Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-su7t-ac23-hke5

Summary

Deserialization of Untrusted Data in org.codehaus.jackson:jackson-mapper-asl
A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EAP 7. This CVE fixes CVE-2017-17485, CVE-2017-7525, CVE-2017-15095, CVE-2018-5968, CVE-2018-7489, CVE-2018-1000873, CVE-2019-12086 reported for FasterXML jackson-databind by implementing a whitelist approach that will mitigate these vulnerabilities and future ones alike.

Aliases

alias	CVE-2019-10202

alias	GHSA-c27h-mcmw-48hv

Fixed_packages

Affected_packages

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.6

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.6

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.7

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.7

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.8

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.8

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.9

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.9

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.9-2

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.9-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.9-2

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.9-3

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.9-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.9-3

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.9-4

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.9-4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.9-4

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.9-5

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.9-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.9-5

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.9-6

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.9-6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@0.9.9-6

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.0.0

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.0.0

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.0.1

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.0.1

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.1.0

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.1.0

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.1.1

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.1.1

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.1.2

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.1.2

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.2.0

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.2.0

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.2.1

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.2.1

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.3.0

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.3.0

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.3.1

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.3.1

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.3.2

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.3.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.3.2

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.3.3

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.3.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.3.3

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.3.4

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.3.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.3.4

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.3.5

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.3.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.3.5

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.4.0

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.4.0

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.4.1

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.4.1

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.4.2

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.4.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.4.2

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.4.3

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.4.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.4.3

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.4.4

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.4.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.4.4

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.4.5

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.4.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.4.5

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.0

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.0

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.1

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.1

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.2

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.2

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.3

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.3

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.4

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.4

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.5

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.5

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.6

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.6

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.7

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.7

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.8

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.5.8

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.0

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.0

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.1

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.1

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.2

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.2

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.3

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.3

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.4

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.4

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.5

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.5

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.6

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.6

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.7

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.7

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.9

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.6.9

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.0

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.0

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.1

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.1

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.2

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.2

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.3

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.3

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.4

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.4

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.5

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.5

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.6

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.6

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.7

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.7

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.8

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.8

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.9

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.7.9

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.0

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.0

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.1

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.1

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.2

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.2

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.3

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.3

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.4

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.4

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.5

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.5

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.6

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.6

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.7

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.7

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.8

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.8

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.9

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.9

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.10

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.10

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.11

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.11

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.0

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7x9r-v8nm-nbf7

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.0

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.1

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7x9r-v8nm-nbf7

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.1

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.2

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7x9r-v8nm-nbf7

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.2

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.3

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7x9r-v8nm-nbf7

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.3

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.4

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7x9r-v8nm-nbf7

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.4

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.5

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7x9r-v8nm-nbf7

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.5

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.6

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7x9r-v8nm-nbf7

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.6

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.7

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7x9r-v8nm-nbf7

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.7

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.8

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7x9r-v8nm-nbf7

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.8

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.9

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7x9r-v8nm-nbf7

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.9

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.10

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7x9r-v8nm-nbf7

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.10

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.11

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7x9r-v8nm-nbf7

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.11

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.12

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7x9r-v8nm-nbf7

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.12

url pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.13

purl pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7x9r-v8nm-nbf7

vulnerability	VCID-su7t-ac23-hke5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.13

url pkg:rpm/redhat/eap7-codehaus-jackson@1.9.13-9.redhat_00006.1?arch=el8eap

purl pkg:rpm/redhat/eap7-codehaus-jackson@1.9.13-9.redhat_00006.1?arch=el8eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4kdg-asyc-rbdx

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-9wej-f7zx-pfeq

vulnerability	VCID-scjb-1mwk-rfdd

vulnerability	VCID-su7t-ac23-hke5

vulnerability	VCID-wg36-q48g-mkds

vulnerability	VCID-ygs8-4gxq-kygq

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-codehaus-jackson@1.9.13-9.redhat_00006.1%3Farch=el8eap

url pkg:rpm/redhat/eap7-codehaus-jackson@1.9.13-9.redhat_00006.1?arch=el7eap

purl pkg:rpm/redhat/eap7-codehaus-jackson@1.9.13-9.redhat_00006.1?arch=el7eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4kdg-asyc-rbdx

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-9wej-f7zx-pfeq

vulnerability	VCID-scjb-1mwk-rfdd

vulnerability	VCID-su7t-ac23-hke5

vulnerability	VCID-wg36-q48g-mkds

vulnerability	VCID-ygs8-4gxq-kygq

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-codehaus-jackson@1.9.13-9.redhat_00006.1%3Farch=el7eap

url pkg:rpm/redhat/eap7-codehaus-jackson@1.9.13-9.redhat_00006.1?arch=el6eap

purl pkg:rpm/redhat/eap7-codehaus-jackson@1.9.13-9.redhat_00006.1?arch=el6eap

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4kdg-asyc-rbdx

vulnerability	VCID-56sb-829v-6qbz

vulnerability	VCID-9wej-f7zx-pfeq

vulnerability	VCID-scjb-1mwk-rfdd

vulnerability	VCID-su7t-ac23-hke5

vulnerability	VCID-wg36-q48g-mkds

vulnerability	VCID-ygs8-4gxq-kygq

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-codehaus-jackson@1.9.13-9.redhat_00006.1%3Farch=el6eap

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10202.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10202.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10202

reference_id

reference_type

scores

value	0.0724
scoring_system	epss
scoring_elements	0.91641
published_at	2026-04-18T12:55:00Z

value	0.0724
scoring_system	epss
scoring_elements	0.91648
published_at	2026-04-16T12:55:00Z

value	0.0724
scoring_system	epss
scoring_elements	0.91631
published_at	2026-04-12T12:55:00Z

value	0.0724
scoring_system	epss
scoring_elements	0.91628
published_at	2026-04-13T12:55:00Z

value	0.0724
scoring_system	epss
scoring_elements	0.91624
published_at	2026-04-09T12:55:00Z

value	0.0724
scoring_system	epss
scoring_elements	0.91618
published_at	2026-04-08T12:55:00Z

value	0.0724
scoring_system	epss
scoring_elements	0.91605
published_at	2026-04-07T12:55:00Z

value	0.0724
scoring_system	epss
scoring_elements	0.91596
published_at	2026-04-04T12:55:00Z

value	0.0724
scoring_system	epss
scoring_elements	0.91582
published_at	2026-04-01T12:55:00Z

value	0.0724
scoring_system	epss
scoring_elements	0.9159
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10202

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10202

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10202

reference_url

https://lists.apache.org/thread.html/r0fbf2c60967bc9f73d7f5a62ad3b955789f9a14b950f42e99fca9b4e@%3Cissues.hive.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r0fbf2c60967bc9f73d7f5a62ad3b955789f9a14b950f42e99fca9b4e@%3Cissues.hive.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r0fbf2c60967bc9f73d7f5a62ad3b955789f9a14b950f42e99fca9b4e%40%3Cissues.hive.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r0fbf2c60967bc9f73d7f5a62ad3b955789f9a14b950f42e99fca9b4e%40%3Cissues.hive.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r1edabcfacdad42d3c830464e9cf07a9a489059a7b7a8642cf055542d@%3Cissues.hive.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1edabcfacdad42d3c830464e9cf07a9a489059a7b7a8642cf055542d@%3Cissues.hive.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r1edabcfacdad42d3c830464e9cf07a9a489059a7b7a8642cf055542d%40%3Cissues.hive.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r1edabcfacdad42d3c830464e9cf07a9a489059a7b7a8642cf055542d%40%3Cissues.hive.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r356592d9874ab4bc9da4754592f8aa6edc894c95e17e58484bc2af7a@%3Cissues.hive.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r356592d9874ab4bc9da4754592f8aa6edc894c95e17e58484bc2af7a@%3Cissues.hive.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r356592d9874ab4bc9da4754592f8aa6edc894c95e17e58484bc2af7a%40%3Cissues.hive.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r356592d9874ab4bc9da4754592f8aa6edc894c95e17e58484bc2af7a%40%3Cissues.hive.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r500867b74f42230a3d65b8aec31fc93ac390eeae737c91a759ab94cb@%3Cissues.hive.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r500867b74f42230a3d65b8aec31fc93ac390eeae737c91a759ab94cb@%3Cissues.hive.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r500867b74f42230a3d65b8aec31fc93ac390eeae737c91a759ab94cb%40%3Cissues.hive.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r500867b74f42230a3d65b8aec31fc93ac390eeae737c91a759ab94cb%40%3Cissues.hive.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r5f16a1bd31a7e94ca78eda686179930781aa3a4a990cd55986703581@%3Cdev.hive.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r5f16a1bd31a7e94ca78eda686179930781aa3a4a990cd55986703581@%3Cdev.hive.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r5f16a1bd31a7e94ca78eda686179930781aa3a4a990cd55986703581%40%3Cdev.hive.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r5f16a1bd31a7e94ca78eda686179930781aa3a4a990cd55986703581%40%3Cdev.hive.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r6dea2a887f5eb1d68f124d64b14cd1a04f682f06de8cd01b7e4214e0@%3Cissues.hive.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r6dea2a887f5eb1d68f124d64b14cd1a04f682f06de8cd01b7e4214e0@%3Cissues.hive.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r6dea2a887f5eb1d68f124d64b14cd1a04f682f06de8cd01b7e4214e0%40%3Cissues.hive.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r6dea2a887f5eb1d68f124d64b14cd1a04f682f06de8cd01b7e4214e0%40%3Cissues.hive.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rce00a1c60f7df4b10e72fa87827c102f55b074bb91993631df2c21f9@%3Cdev.hive.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rce00a1c60f7df4b10e72fa87827c102f55b074bb91993631df2c21f9@%3Cdev.hive.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rce00a1c60f7df4b10e72fa87827c102f55b074bb91993631df2c21f9%40%3Cdev.hive.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rce00a1c60f7df4b10e72fa87827c102f55b074bb91993631df2c21f9%40%3Cdev.hive.apache.org%3E

reference_url

https://lists.apache.org/thread.html/refea6018a2c4e9eb7838cab567ed219c3f726dcd83a5472fbb80d8d9@%3Cissues.flume.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/refea6018a2c4e9eb7838cab567ed219c3f726dcd83a5472fbb80d8d9@%3Cissues.flume.apache.org%3E

reference_url

https://lists.apache.org/thread.html/refea6018a2c4e9eb7838cab567ed219c3f726dcd83a5472fbb80d8d9%40%3Cissues.flume.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/refea6018a2c4e9eb7838cab567ed219c3f726dcd83a5472fbb80d8d9%40%3Cissues.flume.apache.org%3E

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-10202

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-10202

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1731271
reference_id	1731271
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1731271

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

reference_url

https://github.com/advisories/GHSA-c27h-mcmw-48hv

reference_id

GHSA-c27h-mcmw-48hv

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-c27h-mcmw-48hv

reference_url	https://access.redhat.com/errata/RHSA-2020:5568
reference_id	RHSA-2020:5568
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5568

Weaknesses

cwe_id	502
name	Deserialization of Untrusted Data
description	The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

Exploits

Severity_range_score 7.5 - 10.0

Exploitability 0.5

Weighted_severity 9.0

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-su7t-ac23-hke5

Vulnerability Instance