Vulnerability Name:

CVE-2018-19362 (CCN-155093)

Assigned:2018-11-18
Published:2018-11-18
Updated:2020-08-31
Summary:FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.
CVSS v3 Severity:9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-502
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2018-19362

Source: CCN
Type: IBM Security Bulletin 871810 (COS SDK Java)
Multiple vulnerabilities affect IBM Cloud Object Storage SDK Java (Feb 2019)

Source: CCN
Type: Oracle CPUApr2019
Oracle Critical Patch Update Advisory - April 2019

Source: CCN
Type: Oracle CPUJul2019
Oracle Critical Patch Update Advisory - July 2019

Source: CCN
Type: Oracle CPUOct2019
Oracle Critical Patch Update Advisory - October 2019

Source: BID
Type: Third Party Advisory, VDB Entry
107985

Source: REDHAT
Type: Third Party Advisory
RHBA-2019:0959

Source: REDHAT
Type: Third Party Advisory
RHSA-2019:0782

Source: REDHAT
Type: Third Party Advisory
RHSA-2019:0877

Source: REDHAT
Type: Third Party Advisory
RHSA-2019:1782

Source: REDHAT
Type: Third Party Advisory
RHSA-2019:1797

Source: REDHAT
Type: Third Party Advisory
RHSA-2019:1822

Source: REDHAT
Type: Third Party Advisory
RHSA-2019:1823

Source: REDHAT
Type: UNKNOWN
RHSA-2019:2804

Source: REDHAT
Type: UNKNOWN
RHSA-2019:2858

Source: REDHAT
Type: UNKNOWN
RHSA-2019:3002

Source: REDHAT
Type: UNKNOWN
RHSA-2019:3140

Source: REDHAT
Type: UNKNOWN
RHSA-2019:3149

Source: REDHAT
Type: UNKNOWN
RHSA-2019:3892

Source: REDHAT
Type: UNKNOWN
RHSA-2019:4037

Source: XF
Type: UNKNOWN
fasterxml-cve201819362-unspecified(155093)

Source: CONFIRM
Type: Patch, Third Party Advisory
https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b

Source: CCN
Type: jackson-databind GIT Repository
Block more classes from polymorphic deserialization (CVE-2018-19360, CVE-2018-19361, CVE-2018-19362) #2186

Source: CONFIRM
Type: Issue Tracking, Patch, Third Party Advisory
https://github.com/FasterXML/jackson-databind/issues/2186

Source: CONFIRM
Type: Patch, Release Notes, Third Party Advisory
https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8

Source: CONFIRM
Type: Issue Tracking, Third Party Advisory
https://issues.apache.org/jira/browse/TINKERPOP-2121

Source: MLIST
Type: Mailing List, Patch, Third Party Advisory
[infra-devnull] 20190329 [GitHub] [pulsar] massakam opened pull request #3938: Upgrade third party libraries with security vulnerabilities

Source: MLIST
Type: UNKNOWN
[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities

Source: MLIST
Type: UNKNOWN
[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities

Source: MLIST
Type: UNKNOWN
[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html

Source: MLIST
Type: Mailing List, Patch, Third Party Advisory
[pulsar-commits] 20190329 [GitHub] [pulsar] massakam opened a new pull request #3938: Upgrade third party libraries with security vulnerabilities

Source: MLIST
Type: UNKNOWN
[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities

Source: MLIST
Type: Third Party Advisory
[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1

Source: MLIST
Type: UNKNOWN
[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image

Source: MLIST
Type: UNKNOWN
[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html

Source: MLIST
Type: UNKNOWN
[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20190304 [SECURITY] [DLA 1703-1] jackson-databind security update

Source: BUGTRAQ
Type: Mailing List, Third Party Advisory
20190527 [SECURITY] [DSA 4452-1] jackson-databind security update

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20190530-0003/

Source: CCN
Type: IBM Security Bulletin 885602 (PureApplication System)
Multiple vulnerabilities affect IBM PureApplication System

Source: DEBIAN
Type: Third Party Advisory
DSA-4452

Source: CCN
Type: IBM Security Bulletin 874334 (Tivoli Netcool/OMNIbus)
Multiple vulnerabilities have been identified in FasterXML Jackson library shipped with IBM Tivoli Netcool/OMNIbus Common Integration Libraries (CVE-2018-19360, CVE-2018-19361, CVE-2018-19362, CVE-2018-1000873)

Source: CCN
Type: IBM Security Bulletin 876544 (Event Streams)
IBM Event Streams is affected by jackson-databind vulnerabilities

Source: CCN
Type: IBM Security Bulletin 2867997 (Rational Rhapsody Design Manager)
Security vulnerabilities affect multiple IBM Rational products based on IBM Jazz technology

Source: CCN
Type: IBM Security Bulletin 6209691 (Sterling B2B Integrator)
Multiple Security Vulnerabilities in Jackson-databind Affect IBM Sterling B2B Integrator

Source: CCN
Type: IBM Security Bulletin 6217807 (Security Identity Governance and Intelligence)
IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6244628 (Rational Publishing Engine)
Third party vulnerable library Jackson-Databind affects IBM Engineering Lifecycle Optimization - Publishing

Source: CCN
Type: IBM Security Bulletin 6320835 (Security Guardium Data Encryption)
Multiple Vulnerabilities in IBM Guardium Data Encryption (GDE)

Source: CCN
Type: IBM Security Bulletin 6324739 (Security Guardium Insights)
IBM Security Guardium Insights is affected by Components with known vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6340251 (Maximo Asset Management)
IBM Maximo Asset Management is vulnerable to Multiple Jackson-Databind CVEs - February 2020

Source: CCN
Type: IBM Security Bulletin 6403331 (Security Guardium Data Encryption)
Multiple Vulnerabilities in IBM Guardium Data Encryption (GDE)

Source: CCN
Type: IBM Security Bulletin 6444089 (Log Analysis)
Multiple vulnerabilities in FasterXML jackson-databind affect Apache Solr shipped with IBM Operations Analytics - Log Analysis

Source: CCN
Type: IBM Security Bulletin 6593435 (Process Mining)
Vulnerability in jackson-databind affects IBM Process Mining (Multiple CVEs)

Source: CCN
Type: IBM Security Bulletin 6828455 (z/Transaction Processing Facility)
z/Transaction Processing Facility is affected by multiple vulnerabilities in the jackson-databind, jackson-dataformat-xml, jackson-core, slf4j-ext, and cxf-core packages

Source: CCN
Type: IBM Security Bulletin 6840955 (Log Analysis)
Multiple vulnerabilities in Data-Binding for Jackson shipped with IBM Operations Analytics - Log Analysis

Source: CCN
Type: IBM Security Bulletin 6910171 (Integration Designer)
Multiple CVEs affect IBM Integration Designer

Source: CCN
Type: IBM Security Bulletin 6983482 (Security Verify Governance)
IBM Security Verify Governance is vulnerable to a denial of service caused by multiple vulnerabilities.

Source: N/A
Type: UNKNOWN
N/A

Source: MISC
Type: UNKNOWN
https://www.oracle.com/security-alerts/cpujan2020.html

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

Source: MISC
Type: UNKNOWN
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Vulnerable Configuration:Configuration 1:
  • cpe:/a:fasterxml:jackson-databind:*:*:*:*:*:*:*:* (Version >= 2.6.0 and <= 2.6.7.2)
  • OR cpe:/a:fasterxml:jackson-databind:*:*:*:*:*:*:*:* (Version >= 2.7.0 and < 2.7.9.5)
  • OR cpe:/a:fasterxml:jackson-databind:*:*:*:*:*:*:*:* (Version >= 2.8.0 and < 2.8.11.3)
  • OR cpe:/a:fasterxml:jackson-databind:*:*:*:*:*:*:*:* (Version >= 2.9.0 and < 2.9.8)

    • Configuration 2:
  • cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/a:oracle:business_process_management_suite:12.1.3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:* (Version >= 17.7 and <= 17.12)
  • OR cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_unifier:*:*:*:*:*:*:*:* (Version >= 17.7 and <= 17.12)
  • OR cpe:/a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_workforce_management:1.60.9.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/a:redhat:automation_manager:7.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:decision_manager:7.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_bpm_suite:6.4.11:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_brms:6.4.10:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:fasterxml:jackson-databind:2.9.7:*:*:*:*:*:*:*
  • OR cpe:/a:fasterxml:jackson-databind:2.9.6:*:*:*:*:*:*:*
  • OR cpe:/a:fasterxml:jackson-databind:2.3:*:*:*:*:*:*:*
  • OR cpe:/a:fasterxml:jackson-databind:2.4:*:*:*:*:*:*:*
  • OR cpe:/a:fasterxml:jackson-databind:2.5:*:*:*:*:*:*:*
  • OR cpe:/a:fasterxml:jackson-databind:2.6:*:*:*:*:*:*:*
  • OR cpe:/a:fasterxml:jackson-databind:2.7:*:*:*:*:*:*:*
  • OR cpe:/a:fasterxml:jackson-databind:2.8:*:*:*:*:*:*:*
  • OR cpe:/a:fasterxml:jackson-databind:2.9:*:*:*:*:*:*:*
  • OR cpe:/a:fasterxml:jackson-databind:2.9.1:*:*:*:*:*:*:*
  • OR cpe:/a:fasterxml:jackson-databind:2.9.2:*:*:*:*:*:*:*
  • OR cpe:/a:fasterxml:jackson-databind:2.9.3:*:*:*:*:*:*:*
  • OR cpe:/a:fasterxml:jackson-databind:2.9.4:*:*:*:*:*:*:*
  • OR cpe:/a:fasterxml:jackson-databind:2.9.5:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:tivoli_netcool/omnibus:8.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:maximo_asset_management:7.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_rhapsody_design_manager:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_rhapsody_design_manager:6.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_rhapsody_design_manager:6.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_rhapsody_design_manager:6.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:pureapplication_system:2.2.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_gateway:15.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_gateway:16.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:pureapplication_system:2.2.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:pureapplication_system:2.2.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:business_process_management_suite:12.1.3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:pureapplication_system:2.2.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_rhapsody_design_manager:6.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_customer_management_and_segmentation_foundation:16.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:17:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_rhapsody_design_manager:6.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:pureapplication_system:2.2.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:pureapplication_system:2.2.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_unifier:17.12:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_customer_management_and_segmentation_foundation:17.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:maximo_asset_management:7.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_rhapsody_design_manager:6.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_publishing_engine:6.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_gateway:17.12:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:pureapplication_system:2.2.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:event_streams:2018.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_workforce_management:1.60.9:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:financial_services_analytical_applications_infrastructure:8.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:pureapplication_system:2.2.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:5.2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:event_streams:2018.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:financial_services_retail_customer_analytics:8.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:financial_services_institutional_performance_analytics:8.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:primavera_gateway:18.8:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_xstore_point_of_service:18.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:financial_services_profitability_management:8.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:financial_services_funds_transfer_pricing:8.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:financial_services_price_creation_and_discovery:8.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_calendar_server:8.0.0.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_rhapsody_design_manager:6.0.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:6.0.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_publishing_engine:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium_insights:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium_data_encryption:3.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:log_analysis:1.3.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:integration_designer:20.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_verify_governance:10.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:201819362
    V
    		CVE-2018-19362
    2023-06-22
    oval:org.opensuse.security:def:7534
    P
    		jackson-databind-2.13.4.2-150200.3.12.1 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:1397
    P
    		Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP3) (Important) (in QA)
    2022-06-27
    oval:org.opensuse.security:def:94585
    P
    		jackson-databind-2.10.5.1-3.5.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:2955
    P
    		jackson-databind-2.10.5.1-3.5.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:72734
    P
    		jackson-databind-2.10.5.1-3.3.2 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:100848
    P
    		graphviz-2.40.1-6.6.4 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:101273
    P
    		jackson-databind-2.10.5.1-3.3.2 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:1926
    P
    		jackson-databind-2.10.5.1-3.3.2 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:63015
    P
    		jackson-databind-2.10.5.1-3.3.2 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:66814
    P
    		Security update for the Linux Kernel (Important)
    2021-06-08
    oval:org.opensuse.security:def:66722
    P
    		Security update for xen (Important)
    2021-04-06
    oval:org.opensuse.security:def:70170
    P
    		Security update for gcc7 (Moderate)
    2020-12-10
    oval:org.opensuse.security:def:72675
    P
    		jackson-databind-2.10.2-1.74 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:94135
    P
    		jackson-databind-2.10.2-1.74 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:107514
    P
    		jackson-databind-2.10.2-1.74 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:1867
    P
    		jackson-databind-2.10.2-1.74 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:117072
    P
    		jackson-databind-2.10.2-1.74 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62956
    P
    		jackson-databind-2.10.2-1.74 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:73505
    P
    		jackson-databind on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49784
    P
    		glibc-devel-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49838
    P
    		jackson-databind on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:73387
    P
    		gnome-desktop-lang on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:70065
    P
    		imlib2-loaders on GA media (Moderate)
    2020-12-01
    oval:com.ubuntu.disco:def:2018193620000000
    V
    		CVE-2018-19362 on Ubuntu 19.04 (disco) - medium.
    2019-01-02
    oval:com.ubuntu.bionic:def:201819362000
    V
    		CVE-2018-19362 on Ubuntu 18.04 LTS (bionic) - medium.
    2019-01-02
    oval:com.ubuntu.cosmic:def:2018193620000000
    V
    		CVE-2018-19362 on Ubuntu 18.10 (cosmic) - medium.
    2019-01-02
    oval:com.ubuntu.cosmic:def:201819362000
    V
    		CVE-2018-19362 on Ubuntu 18.10 (cosmic) - medium.
    2019-01-02
    oval:com.ubuntu.bionic:def:2018193620000000
    V
    		CVE-2018-19362 on Ubuntu 18.04 LTS (bionic) - medium.
    2019-01-02
    oval:com.ubuntu.trusty:def:201819362000
    V
    		CVE-2018-19362 on Ubuntu 14.04 LTS (trusty) - medium.
    2019-01-02
    oval:com.ubuntu.xenial:def:2018193620000000
    V
    		CVE-2018-19362 on Ubuntu 16.04 LTS (xenial) - medium.
    2019-01-02
    oval:com.ubuntu.xenial:def:201819362000
    V
    		CVE-2018-19362 on Ubuntu 16.04 LTS (xenial) - medium.
    2019-01-02
    BACK
    fasterxml jackson-databind *
    fasterxml jackson-databind *
    fasterxml jackson-databind *
    fasterxml jackson-databind *
    debian debian linux 8.0
    oracle business process management suite 12.1.3.0.0
    oracle business process management suite 12.2.1.3.0
    oracle primavera p6 enterprise project portfolio management 15.1
    oracle primavera p6 enterprise project portfolio management 15.2
    oracle primavera p6 enterprise project portfolio management 16.1
    oracle primavera p6 enterprise project portfolio management 16.2
    oracle primavera p6 enterprise project portfolio management *
    oracle primavera p6 enterprise project portfolio management 18.8
    oracle primavera unifier 16.1
    oracle primavera unifier 16.2
    oracle primavera unifier *
    oracle primavera unifier 18.8
    oracle retail workforce management software 1.60.9.0.0
    oracle webcenter portal 12.2.1.3.0
    redhat automation manager 7.3.1
    redhat decision manager 7.3.1
    redhat jboss bpm suite 6.4.11
    redhat jboss brms 6.4.10
    redhat openshift container platform 3.11
    fasterxml jackson-databind 2.9.7
    fasterxml jackson-databind 2.9.6
    fasterxml jackson-databind 2.3
    fasterxml jackson-databind 2.4
    fasterxml jackson-databind 2.5
    fasterxml jackson-databind 2.6
    fasterxml jackson-databind 2.7
    fasterxml jackson-databind 2.8
    fasterxml jackson-databind 2.9
    fasterxml jackson-databind 2.9.1
    fasterxml jackson-databind 2.9.2
    fasterxml jackson-databind 2.9.3
    fasterxml jackson-databind 2.9.4
    fasterxml jackson-databind 2.9.5
    ibm tivoli netcool/omnibus 8.1.0
    ibm maximo asset management 7.6.0
    oracle jd edwards enterpriseone tools 9.2
    ibm rational rhapsody design manager 6.0
    ibm rational rhapsody design manager 6.0.1
    ibm rational rhapsody design manager 6.0.2
    ibm rational rhapsody design manager 6.0.3
    ibm pureapplication system 2.2.3.0
    oracle primavera p6 enterprise project portfolio management 15.1
    oracle primavera p6 enterprise project portfolio management 15.2
    oracle primavera p6 enterprise project portfolio management 16.1
    oracle primavera p6 enterprise project portfolio management 16.2
    oracle primavera unifier 16.1
    oracle primavera unifier 16.2
    oracle primavera gateway 15.2
    oracle primavera gateway 16.2
    ibm pureapplication system 2.2.3.1
    ibm pureapplication system 2.2.3.2
    oracle business process management suite 12.1.3.0.0
    ibm pureapplication system 2.2.4.0
    oracle retail xstore point of service 15.0
    oracle retail xstore point of service 16.0
    oracle retail xstore point of service 7.0
    oracle retail xstore point of service 7.1
    oracle webcenter portal 12.2.1.3.0
    ibm rational rhapsody design manager 6.0.4
    oracle retail customer management and segmentation foundation 16.0
    oracle primavera p6 enterprise project portfolio management 17
    ibm rational rhapsody design manager 6.0.5
    ibm pureapplication system 2.2.5.0
    ibm pureapplication system 2.2.5.1
    oracle primavera unifier 17.12
    oracle retail customer management and segmentation foundation 17.0
    oracle business process management suite 12.2.1.3.0
    ibm maximo asset management 7.6.1
    ibm rational rhapsody design manager 6.0.6
    ibm rational publishing engine 6.0.6
    oracle primavera unifier 18.8
    oracle primavera gateway 17.12
    oracle primavera p6 enterprise project portfolio management 18.8
    ibm pureapplication system 2.2.5.2
    ibm event streams 2018.3.0
    oracle retail workforce management 1.60.9
    oracle financial services analytical applications infrastructure 8.0.8
    ibm pureapplication system 2.2.5.3
    ibm sterling b2b integrator 5.2.0.0
    ibm event streams 2018.3.1
    oracle financial services retail customer analytics 8.0.6
    oracle financial services institutional performance analytics 8.0.7
    oracle primavera gateway 18.8
    oracle retail xstore point of service 17.0
    oracle retail xstore point of service 18.0
    oracle retail customer management and segmentation foundation 18.0
    oracle financial services profitability management 8.0.7
    oracle financial services funds transfer pricing 8.0.7
    oracle financial services price creation and discovery 8.0.7
    oracle communications calendar server 8.0.0.2.0
    oracle insurance allocation manager for enterprise profitability 8.0.8
    oracle banking platform 2.7.1
    ibm rational rhapsody design manager 6.0.6.1
    ibm sterling b2b integrator 6.0.3.1
    ibm security identity governance and intelligence 5.2.6
    ibm log analysis 1.3.5.3
    ibm log analysis 1.3.6.0
    ibm log analysis 1.3.1
    ibm log analysis 1.3.2
    ibm log analysis 1.3.3
    ibm log analysis 1.3.4
    ibm log analysis 1.3.5
    ibm log analysis 1.3.6
    ibm rational publishing engine 7.0
    ibm security guardium insights 2.0.1
    ibm security guardium data encryption 3.0.0.2
    ibm log analysis 1.3.6.1
    ibm integration designer 20.0.0.2
    ibm security verify governance 10.0