CVE-2019-14379
Published at:
-
29-07-2019 02:15
Last modified:
-
22-04-2022 06:03
Total changes:
-
6
Description
Common Vulnerability Scoring System (CVSS)
Low
Attack complexity
Network
Attack vector
High
Availability
High
Confidentiality
High
Integrity
None
Privileges required
Unchanged
Scope
None
User interaction
9.8
Base score
3.9
5.9
Exploitability score
Impact score
Verification logic
Reference
- https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2
- https://github.com/FasterXML/jackson-databind/issues/2387
- [debian-lts-announce] 20190812 [SECURITY] [DLA 1879-1] jackson-databind security update-Mailing List, Third Party Advisory
- [ambari-commits] 20190813 [ambari] branch trunk updated: AMBARI-25352 : Upgrade fasterxml jackson dependency due to CVE-2019-14379(trunk) (#3067)-Mailing List, Third Party Advisory
- [ambari-commits] 20190813 [ambari] branch branch-2.7 updated: AMBARI-25352 : Upgrade fasterxml jackson dependency due to CVE-2019-14379 (#3066)-Mailing List, Third Party Advisory
- https://security.netapp.com/advisory/ntap-20190814-0001/
- [pulsar-commits] 20190822 [GitHub] [pulsar] massakam opened a new pull request #5011: [security] Upgrade jackson-databind-Mailing List, Third Party Advisory
- [tomee-dev] 20190905 [GitHub] [tomee] asf-ci commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439-Mailing List, Third Party Advisory
- [tomee-dev] 20190905 [GitHub] [tomee] asf-ci commented on issue #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439-Mailing List, Third Party Advisory
- [tomee-dev] 20190905 [GitHub] [tomee] rzo1 opened a new pull request #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439-Mailing List, Third Party Advisory
- [tomee-dev] 20190905 [GitHub] [tomee] rzo1 opened a new pull request #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439-Mailing List, Third Party Advisory
- [tomee-dev] 20190905 [GitHub] [tomee] robert-schaft-hon commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439-Mailing List, Third Party Advisory
- [tomee-dev] 20190906 [GitHub] [tomee] rzo1 commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439-Mailing List, Third Party Advisory
- [struts-dev] 20190908 Build failed in Jenkins: Struts-master-JDK8-dependency-check #204-Mailing List, Third Party Advisory
- [tomee-dev] 20190909 [GitHub] [tomee] jgallimore merged pull request #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439-Mailing List, Third Party Advisory
- [tomee-dev] 20190909 [GitHub] [tomee] jgallimore merged pull request #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439-Mailing List, Third Party Advisory
- RHSA-2019:2743-Third Party Advisory
- FEDORA-2019-99ff6aa32c-Third Party Advisory
- FEDORA-2019-ae6a703b8f-Third Party Advisory
- FEDORA-2019-fb23eccc03-Third Party Advisory
- [tinkerpop-commits] 20190924 [GitHub] [tinkerpop] justinchuch opened a new pull request #1200: Upgrade jackson due to CVE issues-Mailing List, Third Party Advisory
- RHSA-2019:2858-Third Party Advisory
- RHSA-2019:2937-Third Party Advisory
- RHSA-2019:2936-Third Party Advisory
- RHSA-2019:2935-Third Party Advisory
- RHSA-2019:2938-Third Party Advisory
- RHSA-2019:2998-Third Party Advisory
- [iceberg-issues] 20191010 [GitHub] [incubator-iceberg] rdblue opened a new pull request #533: Update Jackson to 2.9.10 for CVE-2019-14379-Mailing List, Third Party Advisory
- [iceberg-issues] 20191010 [GitHub] [incubator-iceberg] rdblue merged pull request #535: Update Jackson to 2.9.10 for CVE-2019-14379-Mailing List, Third Party Advisory
- [iceberg-issues] 20191010 [GitHub] [incubator-iceberg] mccheah opened a new pull request #535: Update Jackson to 2.9.10 for CVE-2019-14379-Mailing List, Third Party Advisory
- [iceberg-issues] 20191010 [GitHub] [incubator-iceberg] rdblue closed pull request #533: Update Jackson to 2.9.10 for CVE-2019-14379-Mailing List, Third Party Advisory
- [iceberg-issues] 20191010 [GitHub] [incubator-iceberg] rdblue commented on issue #535: Update Jackson to 2.9.10 for CVE-2019-14379-Mailing List, Third Party Advisory
- [iceberg-issues] 20191010 [GitHub] [incubator-iceberg] rdblue commented on issue #533: Update Jackson to 2.9.10 for CVE-2019-14379-Mailing List, Third Party Advisory
- [iceberg-issues] 20191010 [GitHub] [incubator-iceberg] mccheah commented on issue #535: Update Jackson to 2.9.10 for CVE-2019-14379-Mailing List, Third Party Advisory
- RHBA-2019:2824-Third Party Advisory
- RHSA-2019:3046-Third Party Advisory
- RHSA-2019:3045-Third Party Advisory
- RHSA-2019:3044-Third Party Advisory
- RHSA-2019:3050-Third Party Advisory
- https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
- [drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities-Mailing List, Third Party Advisory
- RHSA-2019:3149-Third Party Advisory
- [drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities-Mailing List, Third Party Advisory
- [drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities-Mailing List
- [iceberg-issues] 20191027 [GitHub] [incubator-iceberg] rdsr commented on issue #535: Update Jackson to 2.9.10 for CVE-2019-14379-Mailing List, Third Party Advisory
- RHSA-2019:3292-Third Party Advisory
- RHSA-2019:3297-Third Party Advisory
- RHSA-2019:3200-Third Party Advisory
- RHSA-2019:3901-Third Party Advisory
- https://www.oracle.com/security-alerts/cpujan2020.html
- RHSA-2020:0727-Third Party Advisory
- N/A-Third Party Advisory
- https://www.oracle.com/security-alerts/cpujul2020.html
- [bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image-Mailing List, Third Party Advisory
- [geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12-Mailing List, Third Party Advisory
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://support.apple.com/kb/HT213189
- 20220314 APPLE-SA-2022-03-14-7 Xcode 13.3-Mailing List, Third Party Advisory
Keywords