We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
| Assigner | mitre |
| Reserved | 2019-09-15 |
| Published | 2019-09-15 |
| Updated | 2024-08-05 |
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.
https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69%40%3Ccommits.tinkerpop.apache.org%3E ([tinkerpop-commits] 20190924 [GitHub] [tinkerpop] justinchuch opened a new pull request #1200: Upgrade jackson due to CVE issues)
https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1%40%3Cissues.hbase.apache.org%3E ([hbase-issues] 20190925 [GitHub] [hbase] SteNicholas opened a new pull request #660: HBASE-23075 Upgrade jackson version)
https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016%40%3Cissues.hbase.apache.org%3E ([hbase-issues] 20190926 [GitHub] [hbase-connectors] SteNicholas opened a new pull request #45: HBASE-23075 Upgrade jackson version)
https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0%40%3Cissues.hbase.apache.org%3E ([hbase-issues] 20190926 [jira] [Updated] (HBASE-23075) Upgrade jackson to version 2.9.10 due to CVE-2019-16335 and CVE-2019-14540)
https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9%40%3Cissues.hbase.apache.org%3E ([hbase-issues] 20190926 [jira] [Commented] (HBASE-23075) Upgrade jackson to version 2.9.10 due to CVE-2019-16335 and CVE-2019-14540)
https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb%40%3Ccommits.hbase.apache.org%3E ([hbase-commits] 20190927 [hbase-connectors] 02/02: HBASE-23075 Upgrade jackson to version 2.9.10 due to CVE-2019-16335 and CVE-2019-14540)
https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html ([debian-lts-announce] 20191002 [SECURITY] [DLA 1943-1] jackson-databind security update)
https://www.debian.org/security/2019/dsa-4542 (DSA-4542)
https://seclists.org/bugtraq/2019/Oct/6 (20191007 [SECURITY] [DSA 4542-1] jackson-databind security update)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/ (FEDORA-2019-b171554877)
https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E ([drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities)
https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E ([drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities)
https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E ([drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities)
https://access.redhat.com/errata/RHSA-2019:3200 (RHSA-2019:3200)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/ (FEDORA-2019-cf87377f5f)
https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E ([nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html)
https://access.redhat.com/errata/RHSA-2020:0164 (RHSA-2020:0164)
https://access.redhat.com/errata/RHSA-2020:0159 (RHSA-2020:0159)
https://access.redhat.com/errata/RHSA-2020:0160 (RHSA-2020:0160)
https://access.redhat.com/errata/RHSA-2020:0161 (RHSA-2020:0161)
https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E ([nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html)
https://access.redhat.com/errata/RHSA-2020:0445 (RHSA-2020:0445)
https://access.redhat.com/errata/RHSA-2020:0729 (RHSA-2020:0729)
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://github.com/FasterXML/jackson-databind/issues/2449
https://security.netapp.com/advisory/ntap-20191004-0002/
https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E ([bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image)
https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E ([geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12)
https://www.oracle.com/security-alerts/cpuoct2020.html
