fasterxml jackson-databind CVE-2019-14379 vulnerability in FasterXML and Other Products
Published on July 29, 2019

product logo product logo product logo product logo product logo product logo product logo
SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD


Products Associated with CVE-2019-14379

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-14379 are published in these products:

FasterXML Jackson Databind
 
NetApp Active Iq Unified Manager
 
NetApp Oncommand Workflow Automation
 
NetApp Service Level Manager
 
NetApp Snapcenter
 
Oracle Banking Platform
 
Oracle Financial Services Analytical Applications Infrastructure
 
Oracle Jd Edwards Enterpriseone Tools
 
Oracle Primavera Gateway
 
Oracle Primavera Unifier
 
Oracle Retail Customer Management Segmentation Foundation
 
Oracle Retail Xstore Point Of Service
 
Oracle Siebel Ui Framework
 
Red Hat Openshift Container Platform
 
Debian Linux
 
Fedora Project Fedora
 
Oracle Communications Diameter Signaling Router
 
Oracle Communications Instant Messaging Server
 
Oracle Jd Edwards Enterpriseone Orchestrator
 
Oracle Goldengate Stream Analytics
 
Oracle Siebel Engineering Installer Deployment
 
Apple Xcode
 

Exploit Probability

EPSS
1.80%
Percentile
82.24%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.