CVE-2018-5968
First published: Thu Jan 18 2018(Updated: )
A deserialization flaw was discovered in the jackson-databind that could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaws CVE-2017-7525 and CVE-2017-17485 by blacklisting more classes that could be used maliciously.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/eap7-activemq-artemis | <0:1.5.5.009-1.redhat_1.1.ep7.el6 | 0:1.5.5.009-1.redhat_1.1.ep7.el6 |
| redhat/eap7-apache-cxf | <0:3.1.13-1.redhat_1.1.ep7.el6 | 0:3.1.13-1.redhat_1.1.ep7.el6 |
| redhat/eap7-glassfish-jsf | <0:2.2.13-6.SP5_redhat_1.1.ep7.el6 | 0:2.2.13-6.SP5_redhat_1.1.ep7.el6 |
| redhat/eap7-hibernate | <0:5.1.12-1.Final_redhat_1.1.ep7.el6 | 0:5.1.12-1.Final_redhat_1.1.ep7.el6 |
| redhat/eap7-infinispan | <0:8.2.9-1.Final_redhat_1.1.ep7.el6 | 0:8.2.9-1.Final_redhat_1.1.ep7.el6 |
| redhat/eap7-ironjacamar | <0:1.4.7-1.Final_redhat_1.1.ep7.el6 | 0:1.4.7-1.Final_redhat_1.1.ep7.el6 |
| redhat/eap7-jackson-annotations | <0:2.8.11-1.redhat_1.1.ep7.el6 | 0:2.8.11-1.redhat_1.1.ep7.el6 |
| redhat/eap7-jackson-core | <0:2.8.11-1.redhat_1.1.ep7.el6 | 0:2.8.11-1.redhat_1.1.ep7.el6 |
| redhat/eap7-jackson-databind | <0:2.8.11-1.redhat_1.1.ep7.el6 | 0:2.8.11-1.redhat_1.1.ep7.el6 |
| redhat/eap7-jackson-jaxrs-providers | <0:2.8.11-1.redhat_1.1.ep7.el6 | 0:2.8.11-1.redhat_1.1.ep7.el6 |
| redhat/eap7-jackson-module-jaxb-annotations | <0:2.8.11-1.redhat_1.1.ep7.el6 | 0:2.8.11-1.redhat_1.1.ep7.el6 |
| redhat/eap7-jackson-modules-java8 | <0:2.8.11-1.redhat_1.1.ep7.el6 | 0:2.8.11-1.redhat_1.1.ep7.el6 |
| redhat/eap7-jboss-logmanager | <0:2.0.8-1.Final_redhat_1.1.ep7.el6 | 0:2.0.8-1.Final_redhat_1.1.ep7.el6 |
| redhat/eap7-jboss-server-migration | <0:1.0.3-6.Final_redhat_6.1.ep7.el6 | 0:1.0.3-6.Final_redhat_6.1.ep7.el6 |
| redhat/eap7-jbossws-cxf | <0:5.1.10-1.Final_redhat_1.1.ep7.el6 | 0:5.1.10-1.Final_redhat_1.1.ep7.el6 |
| redhat/eap7-narayana | <0:5.5.31-1.Final_redhat_1.1.ep7.el6 | 0:5.5.31-1.Final_redhat_1.1.ep7.el6 |
| redhat/eap7-picketlink-bindings | <0:2.5.5-10.SP9_redhat_1.1.ep7.el6 | 0:2.5.5-10.SP9_redhat_1.1.ep7.el6 |
| redhat/eap7-picketlink-federation | <0:2.5.5-10.SP9_redhat_1.1.ep7.el6 | 0:2.5.5-10.SP9_redhat_1.1.ep7.el6 |
| redhat/eap7-resteasy | <0:3.0.25-1.Final_redhat_1.1.ep7.el6 | 0:3.0.25-1.Final_redhat_1.1.ep7.el6 |
| redhat/eap7-undertow | <0:1.4.18-4.SP2_redhat_1.1.ep7.el6 | 0:1.4.18-4.SP2_redhat_1.1.ep7.el6 |
| redhat/eap7-undertow-jastow | <0:2.0.3-1.Final_redhat_1.1.ep7.el6 | 0:2.0.3-1.Final_redhat_1.1.ep7.el6 |
| redhat/eap7-wildfly | <0:7.1.1-4.GA_redhat_2.1.ep7.el6 | 0:7.1.1-4.GA_redhat_2.1.ep7.el6 |
| redhat/eap7-wildfly-elytron | <0:1.1.8-1.Final_redhat_1.1.ep7.el6 | 0:1.1.8-1.Final_redhat_1.1.ep7.el6 |
| redhat/eap7-wildfly-http-client | <0:1.0.9-1.Final_redhat_1.1.ep7.el6 | 0:1.0.9-1.Final_redhat_1.1.ep7.el6 |
| redhat/eap7-wildfly-javadocs | <0:7.1.1-3.GA_redhat_2.1.ep7.el6 | 0:7.1.1-3.GA_redhat_2.1.ep7.el6 |
| redhat/eap7-wss4j | <0:2.1.11-1.redhat_1.1.ep7.el6 | 0:2.1.11-1.redhat_1.1.ep7.el6 |
| redhat/eap7-xml-security | <0:2.0.9-1.redhat_1.1.ep7.el6 | 0:2.0.9-1.redhat_1.1.ep7.el6 |
| redhat/eap7-jboss-ec2-eap | <0:7.1.1-3.1.GA_redhat_3.ep7.el6 | 0:7.1.1-3.1.GA_redhat_3.ep7.el6 |
| redhat/eap7-activemq-artemis | <0:1.5.5.009-1.redhat_1.1.ep7.el7 | 0:1.5.5.009-1.redhat_1.1.ep7.el7 |
| redhat/eap7-apache-cxf | <0:3.1.13-1.redhat_1.1.ep7.el7 | 0:3.1.13-1.redhat_1.1.ep7.el7 |
| redhat/eap7-glassfish-jsf | <0:2.2.13-6.SP5_redhat_1.1.ep7.el7 | 0:2.2.13-6.SP5_redhat_1.1.ep7.el7 |
| redhat/eap7-hibernate | <0:5.1.12-1.Final_redhat_1.1.ep7.el7 | 0:5.1.12-1.Final_redhat_1.1.ep7.el7 |
| redhat/eap7-infinispan | <0:8.2.9-1.Final_redhat_1.1.ep7.el7 | 0:8.2.9-1.Final_redhat_1.1.ep7.el7 |
| redhat/eap7-ironjacamar | <0:1.4.7-1.Final_redhat_1.1.ep7.el7 | 0:1.4.7-1.Final_redhat_1.1.ep7.el7 |
| redhat/eap7-jackson-annotations | <0:2.8.11-1.redhat_1.1.ep7.el7 | 0:2.8.11-1.redhat_1.1.ep7.el7 |
| redhat/eap7-jackson-core | <0:2.8.11-1.redhat_1.1.ep7.el7 | 0:2.8.11-1.redhat_1.1.ep7.el7 |
| redhat/eap7-jackson-databind | <0:2.8.11-1.redhat_1.1.ep7.el7 | 0:2.8.11-1.redhat_1.1.ep7.el7 |
| redhat/eap7-jackson-jaxrs-providers | <0:2.8.11-1.redhat_1.1.ep7.el7 | 0:2.8.11-1.redhat_1.1.ep7.el7 |
| redhat/eap7-jackson-module-jaxb-annotations | <0:2.8.11-1.redhat_1.1.ep7.el7 | 0:2.8.11-1.redhat_1.1.ep7.el7 |
| redhat/eap7-jackson-modules-java8 | <0:2.8.11-1.redhat_1.1.ep7.el7 | 0:2.8.11-1.redhat_1.1.ep7.el7 |
| redhat/eap7-jboss-logmanager | <0:2.0.8-1.Final_redhat_1.1.ep7.el7 | 0:2.0.8-1.Final_redhat_1.1.ep7.el7 |
| redhat/eap7-jboss-server-migration | <0:1.0.3-6.Final_redhat_6.1.ep7.el7 | 0:1.0.3-6.Final_redhat_6.1.ep7.el7 |
| redhat/eap7-jbossws-cxf | <0:5.1.10-1.Final_redhat_1.1.ep7.el7 | 0:5.1.10-1.Final_redhat_1.1.ep7.el7 |
| redhat/eap7-narayana | <0:5.5.31-1.Final_redhat_1.1.ep7.el7 | 0:5.5.31-1.Final_redhat_1.1.ep7.el7 |
| redhat/eap7-picketlink-bindings | <0:2.5.5-10.SP9_redhat_1.1.ep7.el7 | 0:2.5.5-10.SP9_redhat_1.1.ep7.el7 |
| redhat/eap7-picketlink-federation | <0:2.5.5-10.SP9_redhat_1.1.ep7.el7 | 0:2.5.5-10.SP9_redhat_1.1.ep7.el7 |
| redhat/eap7-resteasy | <0:3.0.25-1.Final_redhat_1.1.ep7.el7 | 0:3.0.25-1.Final_redhat_1.1.ep7.el7 |
| redhat/eap7-undertow | <0:1.4.18-4.SP2_redhat_1.1.ep7.el7 | 0:1.4.18-4.SP2_redhat_1.1.ep7.el7 |
| redhat/eap7-undertow-jastow | <0:2.0.3-1.Final_redhat_1.1.ep7.el7 | 0:2.0.3-1.Final_redhat_1.1.ep7.el7 |
| redhat/eap7-wildfly | <0:7.1.1-4.GA_redhat_2.1.ep7.el7 | 0:7.1.1-4.GA_redhat_2.1.ep7.el7 |
| redhat/eap7-wildfly-elytron | <0:1.1.8-1.Final_redhat_1.1.ep7.el7 | 0:1.1.8-1.Final_redhat_1.1.ep7.el7 |
| redhat/eap7-wildfly-http-client | <0:1.0.9-1.Final_redhat_1.1.ep7.el7 | 0:1.0.9-1.Final_redhat_1.1.ep7.el7 |
| redhat/eap7-wildfly-javadocs | <0:7.1.1-3.GA_redhat_2.1.ep7.el7 | 0:7.1.1-3.GA_redhat_2.1.ep7.el7 |
| redhat/eap7-wss4j | <0:2.1.11-1.redhat_1.1.ep7.el7 | 0:2.1.11-1.redhat_1.1.ep7.el7 |
| redhat/eap7-xml-security | <0:2.0.9-1.redhat_1.1.ep7.el7 | 0:2.0.9-1.redhat_1.1.ep7.el7 |
| redhat/eap7-jboss-ec2-eap | <0:7.1.1-3.1.GA_redhat_3.ep7.el7 | 0:7.1.1-3.1.GA_redhat_3.ep7.el7 |
| debian/jackson-databind | <=2.9.1-1<=2.8.6-1+deb9u2<=2.4.2-2+deb8u2 | 2.9.4-1 2.8.6-1+deb9u3 2.4.2-2+deb8u3 |
| debian/jackson-databind | 2.9.8-3+deb10u3 2.9.8-3+deb10u5 2.12.1-1+deb11u1 2.14.0-1 | |
| redhat/jackson-databind | <2.9.4 | 2.9.4 |
| maven/com.fasterxml.jackson.core:jackson-databind | <2.7.9.5 | 2.7.9.5 |
| maven/com.fasterxml.jackson.core:jackson-databind | >=2.8.0<2.8.11 | 2.8.11.1 |
| maven/com.fasterxml.jackson.core:jackson-databind | >=2.9.0<2.9.4 | 2.9.4 |
| IBM Engineering Lifecycle Management | <=6.0.6.1 | |
| IBM Engineering Lifecycle Management | <=6.0.6 | |
| IBM Engineering Lifecycle Management | <=6.0.2 | |
| FasterXML Jackson Databind | >=2.0.0<2.6.7.3 | |
| FasterXML Jackson Databind | >=2.7.0<2.7.9.2 | |
| FasterXML Jackson Databind | >=2.8.0<2.8.11.1 | |
| FasterXML Jackson Databind | >=2.9.0<2.9.4 | |
| Debian Linux | =8.0 | |
| Debian Linux | =9.0 | |
| Red Hat OpenShift Container Platform | =4.1 | |
| Red Hat Enterprise Virtualization | =4.0 | |
| Red Hat Virtualization Host EUS | =4.0 | |
| Red Hat Enterprise Linux Server | =7.0 | |
| JBoss Enterprise Application Platform | =7.1 | |
| Red Hat Enterprise Linux Server | =6.0 | |
| Red Hat OpenShift Container Platform | =3.11 | |
| NetApp E-Series SANtricity OS Controller | >=11.0.0<=11.60.3 | |
| NetApp E-Series SANtricity Web Services | ||
| NetApp OnCommand Shift | ||
| All of | ||
| Any of | ||
| Red Hat OpenShift Container Platform | =4.1 | |
| Red Hat Enterprise Virtualization | =4.0 | |
| Red Hat Virtualization Host EUS | =4.0 | |
| Red Hat Enterprise Linux Server | =7.0 | |
| All of | ||
| JBoss Enterprise Application Platform | =7.1 | |
| Any of | ||
| Red Hat Enterprise Linux Server | =6.0 | |
| Red Hat Enterprise Linux Server | =7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2018-5968 https://nvd.nist.gov/vuln/detail/CVE-2018-5968
- https://bugzilla.redhat.com/show_bug.cgi?id=1538332
- https://access.redhat.com/errata/RHSA-2018:0478
- https://access.redhat.com/errata/RHSA-2018:0479
- https://access.redhat.com/errata/RHSA-2018:0481
- https://access.redhat.com/errata/RHSA-2018:0480
- https://access.redhat.com/errata/RHSA-2019:3149
- https://access.redhat.com/errata/RHSA-2019:2858
- https://access.redhat.com/errata/RHSA-2018:1525
- https://access.redhat.com/security/cve/CVE-2018-5968
- https://github.com/FasterXML/jackson-databind/issues/1899
- https://security-tracker.debian.org/tracker/CVE-2018-5968
- https://security-tracker.debian.org/tracker/CVE-2017-7525
- https://security-tracker.debian.org/tracker/CVE-2017-17485
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5968
- https://github.com/FasterXML/jackson-databind/commit/038b471e2efde2e8f96b4e0be958d3e5a1ff1d05
- https://github.com/FasterXML/jackson-databind/commit/2235894210c75f624a3d0cd60bfb0434a20a18bf
- https://github.com/FasterXML/jackson-databind/issues/1855
- https://github.com/FasterXML/jackson-databind/commit/f031f27a31625d07922bdd090664c69544200a5d
- https://github.com/FasterXML/jackson-databind/commit/bb45fb16709018842f858f1a6e1118676aaa34bd
- https://github.com/FasterXML/jackson-databind/commit/978798382ceb72229e5036aa1442943933d6d171
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888316
- https://security.netapp.com/advisory/ntap-20180423-0002/
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us
- https://www.debian.org/security/2018/dsa-4114
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://access.redhat.com/security/cve/CVE-2017-7525
- https://access.redhat.com/security/cve/CVE-2017-17485
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1538333
- https://access.redhat.com/solutions/3279231
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1462702
- https://nvd.nist.gov/vuln/detail/CVE-2018-5968
- https://github.com/GulajavaMinistudio/jackson-databind/pull/92/commits/038b471e2efde2e8f96b4e0be958d3e5a1ff1d05
- https://github.com/FasterXML/jackson-databind/commit/038b471e2efde2e8f96b4e0be958d3e5a1ff1d0
- https://github.com/FasterXML/jackson-databind/commit/03ea0bec6293d4330b5ad19d1d62aca0e3cb6381
- https://github.com/FasterXML/jackson-databind/commit/454be8bb8c913be18298327a84ca45a280b61605
- https://security.netapp.com/advisory/ntap-20180423-0002
- https://github.com/advisories/GHSA-w3f4-3q6j-rh82 (Advisory)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/138088
- https://www.ibm.com/support/pages/node/2867997 (Advisory)
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is the severity of CVE-2018-5968?
CVE-2018-5968 is considered critical due to its potential for arbitrary code execution.
How do I fix CVE-2018-5968?
To remediate CVE-2018-5968, update the affected software packages to the recommended versions listed in the vulnerability advisory.
Which software is affected by CVE-2018-5968?
CVE-2018-5968 affects various Red Hat packages, including eap7-jackson-databind and others in the JBoss ecosystem.
Can CVE-2018-5968 be exploited remotely?
Yes, CVE-2018-5968 can be exploited by an unauthenticated user sending crafted input to vulnerable applications.
What type of vulnerability is CVE-2018-5968?
CVE-2018-5968 is a deserialization vulnerability in the Jackson Databind component.
- collector/redhat-cve
- collector/debian-bugs
- alias/CVE-2018-5968
- collector/security-tracker-debian
- agent/weakness
- agent/type
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- agent/software-canonical-lookup
- agent/author
- agent/severity
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-w3f4-3q6j-rh82
- collector/github-advisory
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/trending
- agent/source
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup-request
- collector/nvd-api
- agent/softwarecombine
- agent/tags
- collector/nvd-cve
- source/NVD
- collector/nvd-index
- package-manager/redhat
- package-manager/debian
- package-manager/maven
- vendor/ibm
- canonical/ibm engineering lifecycle management
- version/ibm engineering lifecycle management/6.0.6.1
- version/ibm engineering lifecycle management/6.0.6
- version/ibm engineering lifecycle management/6.0.2
- vendor/fasterxml
- canonical/fasterxml jackson databind
- version/fasterxml jackson databind/2.0.0
- version/fasterxml jackson databind/2.7.0
- version/fasterxml jackson databind/2.8.0
- version/fasterxml jackson databind/2.9.0
- vendor/debian
- canonical/debian linux
- version/debian linux/8.0
- version/debian linux/9.0
- vendor/redhat
- canonical/red hat openshift container platform
- version/red hat openshift container platform/4.1
- canonical/red hat enterprise virtualization
- version/red hat enterprise virtualization/4.0
- canonical/red hat virtualization host eus
- version/red hat virtualization host eus/4.0
- canonical/red hat enterprise linux server
- version/red hat enterprise linux server/7.0
- canonical/jboss enterprise application platform
- version/jboss enterprise application platform/7.1
- version/red hat enterprise linux server/6.0
- version/red hat openshift container platform/3.11
- vendor/netapp
- canonical/netapp e-series santricity os controller
- version/netapp e-series santricity os controller/11.0.0
- version/netapp e-series santricity os controller/11.60.3
- canonical/netapp e-series santricity web services
- canonical/netapp oncommand shift