admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-30 18:04:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2018/7xxx/CVE-2018-7489.json
CVE Team c235422345
- Synchronized data.
2019-01-16 14:04:51 -05:00

168 lines
5.8 KiB
JSON
Raw Blame History

{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-7489",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/FasterXML/jackson-databind/issues/1931",
"refsource" : "CONFIRM",
"url" : "https://github.com/FasterXML/jackson-databind/issues/1931"
},
{
"name" : "https://security.netapp.com/advisory/ntap-20180328-0001/",
"refsource" : "CONFIRM",
"url" : "https://security.netapp.com/advisory/ntap-20180328-0001/"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us",
"refsource" : "CONFIRM",
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name" : "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource" : "CONFIRM",
"url" : "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name" : "DSA-4190",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4190"
},
{
"name" : "RHSA-2018:1447",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1447"
},
{
"name" : "RHSA-2018:1448",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1448"
},
{
"name" : "RHSA-2018:1449",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1449"
},
{
"name" : "RHSA-2018:1450",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1450"
},
{
"name" : "RHSA-2018:1451",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1451"
},
{
"name" : "RHSA-2018:1786",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:1786"
},
{
"name" : "RHSA-2018:2088",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2088"
},
{
"name" : "RHSA-2018:2089",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2089"
},
{
"name" : "RHSA-2018:2090",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2090"
},
{
"name" : "RHSA-2018:2938",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2938"
},
{
"name" : "RHSA-2018:2939",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2939"
},
{
"name" : "103203",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103203"
},
{
"name" : "1040693",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1040693"
},
{
"name" : "1041890",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041890"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink