First published: Sun Mar 22 2020(Updated: )
A flaw was found in jackson-databind 2.x prior to version 2.9.10.4. The interaction between serialization gadgets and typing is mishandled in the bus-proxy. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/candlepin | <0:2.6.16-1.el7 | 0:2.6.16-1.el7 |
redhat/foreman | <0:1.22.0.39-2.el7 | 0:1.22.0.39-2.el7 |
redhat/satellite | <0:6.6.3-1.el7 | 0:6.6.3-1.el7 |
redhat/tfm-rubygem-fog-ovirt | <0:1.2.3-1.el7 | 0:1.2.3-1.el7 |
redhat/tfm-rubygem-katello | <0:3.12.0.41-1.el7 | 0:3.12.0.41-1.el7 |
redhat/tfm-rubygem-runcible | <0:2.13.0-1.el7 | 0:2.13.0-1.el7 |
redhat/candlepin | <0:2.9.28-1.el7 | 0:2.9.28-1.el7 |
redhat/foreman | <0:1.24.1.24-1.el7 | 0:1.24.1.24-1.el7 |
redhat/foreman-installer | <1:1.24.1.21-1.el7 | 1:1.24.1.21-1.el7 |
redhat/pulp-rpm | <0:2.21.0.6-1.el7 | 0:2.21.0.6-1.el7 |
redhat/satellite | <0:6.7.2-1.el7 | 0:6.7.2-1.el7 |
redhat/tfm-rubygem-fog-vsphere | <0:3.2.1.1-1.el7 | 0:3.2.1.1-1.el7 |
redhat/tfm-rubygem-foreman-tasks | <0:0.17.5.6-1.el7 | 0:0.17.5.6-1.el7 |
redhat/tfm-rubygem-katello | <0:3.14.0.25-1.el7 | 0:3.14.0.25-1.el7 |
redhat/ansible-collection-redhat-satellite | <0:1.3.0-1.el7 | 0:1.3.0-1.el7 |
redhat/ansiblerole-insights-client | <0:1.7.1-1.el7 | 0:1.7.1-1.el7 |
redhat/ansiblerole-satellite-receptor-installer | <0:0.6.13-1.el7 | 0:0.6.13-1.el7 |
redhat/ansible-runner | <0:1.4.6-1.el7a | 0:1.4.6-1.el7a |
redhat/candlepin | <0:3.1.21-1.el7 | 0:3.1.21-1.el7 |
redhat/foreman | <0:2.1.2.19-1.el7 | 0:2.1.2.19-1.el7 |
redhat/foreman-bootloaders-redhat | <0:202005201200-1.el7 | 0:202005201200-1.el7 |
redhat/foreman-discovery-image-service | <0:1.0.0-3.el7 | 0:1.0.0-3.el7 |
redhat/foreman-installer | <1:2.1.2.8-1.el7 | 1:2.1.2.8-1.el7 |
redhat/foreman-proxy | <0:2.1.2-2.el7 | 0:2.1.2-2.el7 |
redhat/foreman-selinux | <0:2.1.2.3-1.el7 | 0:2.1.2.3-1.el7 |
redhat/future | <0:0.16.0-11.el7 | 0:0.16.0-11.el7 |
redhat/gofer | <0:2.12.5-7.el7 | 0:2.12.5-7.el7 |
redhat/hfsplus-tools | <0:332.14-12.el7 | 0:332.14-12.el7 |
redhat/katello | <0:3.16.0-1.el7 | 0:3.16.0-1.el7 |
redhat/katello-certs-tools | <0:2.7.1-1.el7 | 0:2.7.1-1.el7 |
redhat/katello-client-bootstrap | <0:1.7.5-1.el7 | 0:1.7.5-1.el7 |
redhat/katello-selinux | <0:3.4.0-1.el7 | 0:3.4.0-1.el7 |
redhat/keycloak-httpd-client-install | <0:1.2.2-1.el7 | 0:1.2.2-1.el7 |
redhat/kobo | <0:0.5.1-1.el7 | 0:0.5.1-1.el7 |
redhat/libmodulemd | <0:1.7.0-1.pulp.el7 | 0:1.7.0-1.pulp.el7 |
redhat/libsolv | <0:0.7.4-4.pulp.el7 | 0:0.7.4-4.pulp.el7 |
redhat/libwebsockets | <0:2.4.2-2.el7 | 0:2.4.2-2.el7 |
redhat/livecd-tools | <1:20.4-1.6.el7 | 1:20.4-1.6.el7 |
redhat/ostree | <0:2017.1-2.atomic.el7 | 0:2017.1-2.atomic.el7 |
redhat/pcp-mmvstatsd | <0:0.4-2.el7 | 0:0.4-2.el7 |
redhat/pulp | <0:2.21.3-1.el7 | 0:2.21.3-1.el7 |
redhat/pulp-docker | <0:3.2.7-1.el7 | 0:3.2.7-1.el7 |
redhat/pulp-katello | <0:1.0.3-1.el7 | 0:1.0.3-1.el7 |
redhat/pulp-ostree | <0:1.3.1-2.el7 | 0:1.3.1-2.el7 |
redhat/pulp-puppet | <0:2.21.3-2.el7 | 0:2.21.3-2.el7 |
redhat/pulp-rpm | <0:2.21.3-2.el7 | 0:2.21.3-2.el7 |
redhat/puppet-agent | <0:6.14.0-2.el7 | 0:6.14.0-2.el7 |
redhat/puppet-agent-oauth | <0:0.5.1-3.el7 | 0:0.5.1-3.el7 |
redhat/puppetlabs-stdlib | <0:4.25.1-2.el7 | 0:4.25.1-2.el7 |
redhat/puppetserver | <0:6.13.0-1.el7 | 0:6.13.0-1.el7 |
redhat/pycairo | <0:1.16.3-9.el7 | 0:1.16.3-9.el7 |
redhat/pygobject3 | <0:3.28.3-2.el7 | 0:3.28.3-2.el7 |
redhat/python-aiohttp | <0:3.6.2-4.el7a | 0:3.6.2-4.el7a |
redhat/python-amqp | <0:2.2.2-5.el7 | 0:2.2.2-5.el7 |
redhat/python-anyjson | <0:0.3.3-11.el7 | 0:0.3.3-11.el7 |
redhat/python-apypie | <0:0.2.2-1.el7 | 0:0.2.2-1.el7 |
redhat/python-async-timeout | <0:3.0.1-2.el7a | 0:3.0.1-2.el7a |
redhat/python-attrs | <0:19.3.0-3.el7a | 0:19.3.0-3.el7a |
redhat/python-billiard | <1:3.5.0.3-3.el7 | 1:3.5.0.3-3.el7 |
redhat/python-blinker | <0:1.3-2.el7 | 0:1.3-2.el7 |
redhat/python-celery | <0:4.0.2-9.el7 | 0:4.0.2-9.el7 |
redhat/python-chardet | <0:3.0.4-10.el7a | 0:3.0.4-10.el7a |
redhat/python-click | <0:6.7-9.el7 | 0:6.7-9.el7 |
redhat/python-crane | <0:3.3.1-9.el7 | 0:3.3.1-9.el7 |
redhat/python-daemon | <0:2.1.2-7.el7a | 0:2.1.2-7.el7a |
redhat/python-dateutil | <0:2.8.1-2.el7a | 0:2.8.1-2.el7a |
redhat/python-django | <0:1.11.29-1.el7 | 0:1.11.29-1.el7 |
redhat/python-flask | <1:0.12.2-4.el7 | 1:0.12.2-4.el7 |
redhat/python-gnupg | <0:0.3.7-1.el7 | 0:0.3.7-1.el7 |
redhat/python-idna | <0:2.4-2.el7a | 0:2.4-2.el7a |
redhat/python-idna-ssl | <0:1.1.0-2.el7a | 0:1.1.0-2.el7a |
redhat/python-isodate | <0:0.5.4-12.el7 | 0:0.5.4-12.el7 |
redhat/python-itsdangerous | <0:0.24-15.el7 | 0:0.24-15.el7 |
redhat/python-jinja2 | <0:2.10-10.el7 | 0:2.10-10.el7 |
redhat/python-jmespath | <0:0.9.0-6.el7_7 | 0:0.9.0-6.el7_7 |
redhat/python-kid | <0:0.9.6-11.el7 | 0:0.9.6-11.el7 |
redhat/python-kombu | <10:4.0.2-13.el7 | 10:4.0.2-13.el7 |
redhat/python-lockfile | <1:0.11.0-10.el7a | 1:0.11.0-10.el7a |
redhat/python-markupsafe | <0:0.23-21.el7 | 0:0.23-21.el7 |
redhat/python-mongoengine | <0:0.10.5-2.el7 | 0:0.10.5-2.el7 |
redhat/python-multidict | <0:4.7.4-2.el7a | 0:4.7.4-2.el7a |
redhat/python-nectar | <0:1.6.2-1.el7 | 0:1.6.2-1.el7 |
redhat/python-oauth2 | <0:1.5.211-8.el7 | 0:1.5.211-8.el7 |
redhat/python-okaara | <0:1.0.37-2.el7 | 0:1.0.37-2.el7 |
redhat/python-pexpect | <0:4.6-1.el7a | 0:4.6-1.el7a |
redhat/python-prometheus-client | <0:0.7.1-2.el7a | 0:0.7.1-2.el7a |
redhat/python-psutil | <0:5.0.1-3.el7 | 0:5.0.1-3.el7 |
redhat/python-ptyprocess | <0:0.5.2-3.el7a | 0:0.5.2-3.el7a |
redhat/python-pycurl | <0:7.43.0.2-4.el7 | 0:7.43.0.2-4.el7 |
redhat/python-pymongo | <0:3.2-2.el7 | 0:3.2-2.el7 |
redhat/python-qpid | <0:1.35.0-5.el7 | 0:1.35.0-5.el7 |
redhat/python-receptor-satellite | <0:1.2.0-1.el7 | 0:1.2.0-1.el7 |
redhat/python-simplejson | <0:3.2.0-1.el7 | 0:3.2.0-1.el7 |
redhat/python-six | <0:1.11.0-8.el7a | 0:1.11.0-8.el7a |
redhat/python-twisted | <0:16.4.1-12.el7 | 0:16.4.1-12.el7 |
redhat/python-typing-extensions | <0:3.7.4.1-2.el7a | 0:3.7.4.1-2.el7a |
redhat/python-vine | <10:1.1.3-6.el7 | 10:1.1.3-6.el7 |
redhat/python-werkzeug | <0:0.12.2-5.el7 | 0:0.12.2-5.el7 |
redhat/python-yarl | <0:1.4.2-2.el7a | 0:1.4.2-2.el7a |
redhat/python-zope-interface | <0:4.0.5-4.el7 | 0:4.0.5-4.el7 |
redhat/qpid-cpp | <0:1.36.0-28.el7a | 0:1.36.0-28.el7a |
redhat/qpid-dispatch | <0:1.5.0-4.el7 | 0:1.5.0-4.el7 |
redhat/qpid-proton | <0:0.28.0-3.el7 | 0:0.28.0-3.el7 |
redhat/receptor | <0:0.6.3-1.el7a | 0:0.6.3-1.el7a |
redhat/redhat-access-insights-puppet | <0:1.0.1-1.el7 | 0:1.0.1-1.el7 |
redhat/repoview | <0:0.6.6-11.el7 | 0:0.6.6-11.el7 |
redhat/rhel8-kickstart-setup | <0:0.0.2-1.el7 | 0:0.0.2-1.el7 |
redhat/rh-postgresql12-postgresql-evr | <0:0.0.2-1.el7 | 0:0.0.2-1.el7 |
redhat/rubygem-facter | <0:2.4.1-2.el7 | 0:2.4.1-2.el7 |
redhat/rubygem-highline | <0:1.7.8-3.el7 | 0:1.7.8-3.el7 |
redhat/rubygem-newt | <0:0.9.6-3.el7 | 0:0.9.6-3.el7 |
redhat/rubygem-oauth | <0:0.5.4-2.el7 | 0:0.5.4-2.el7 |
redhat/rubygem-passenger | <0:4.0.18-24.el7 | 0:4.0.18-24.el7 |
redhat/rubygem-rack | <1:1.6.12-1.el7 | 1:1.6.12-1.el7 |
redhat/rubygem-rake | <0:0.9.2.2-41.el7 | 0:0.9.2.2-41.el7 |
redhat/saslwrapper | <0:0.22-5.el7 | 0:0.22-5.el7 |
redhat/satellite | <0:6.8.0-1.el7 | 0:6.8.0-1.el7 |
redhat/satellite-installer | <0:6.8.0.11-1.el7 | 0:6.8.0.11-1.el7 |
redhat/tfm | <0:6.1-1.el7 | 0:6.1-1.el7 |
redhat/tfm-rubygem-actioncable | <0:6.0.3.1-1.el7 | 0:6.0.3.1-1.el7 |
redhat/tfm-rubygem-actionmailbox | <0:6.0.3.1-1.el7 | 0:6.0.3.1-1.el7 |
redhat/tfm-rubygem-actionmailer | <0:6.0.3.1-1.el7 | 0:6.0.3.1-1.el7 |
redhat/tfm-rubygem-actionpack | <0:6.0.3.1-1.el7 | 0:6.0.3.1-1.el7 |
redhat/tfm-rubygem-actiontext | <0:6.0.3.1-1.el7 | 0:6.0.3.1-1.el7 |
redhat/tfm-rubygem-actionview | <0:6.0.3.1-1.el7 | 0:6.0.3.1-1.el7 |
redhat/tfm-rubygem-activejob | <0:6.0.3.1-1.el7 | 0:6.0.3.1-1.el7 |
redhat/tfm-rubygem-activemodel | <0:6.0.3.1-1.el7 | 0:6.0.3.1-1.el7 |
redhat/tfm-rubygem-activerecord | <0:6.0.3.1-1.el7 | 0:6.0.3.1-1.el7 |
redhat/tfm-rubygem-activerecord-import | <0:1.0.0-6.el7 | 0:1.0.0-6.el7 |
redhat/tfm-rubygem-activestorage | <0:6.0.3.1-1.el7 | 0:6.0.3.1-1.el7 |
redhat/tfm-rubygem-activesupport | <0:6.0.3.1-1.el7 | 0:6.0.3.1-1.el7 |
redhat/tfm-rubygem-addressable | <0:2.6.0-1.el7 | 0:2.6.0-1.el7 |
redhat/tfm-rubygem-algebrick | <0:0.7.3-6.el7 | 0:0.7.3-6.el7 |
redhat/tfm-rubygem-ancestry | <0:3.0.7-1.el7 | 0:3.0.7-1.el7 |
redhat/tfm-rubygem-anemone | <0:0.7.2-22.el7 | 0:0.7.2-22.el7 |
redhat/tfm-rubygem-angular-rails-templates | <1:1.1.0-1.el7 | 1:1.1.0-1.el7 |
redhat/tfm-rubygem-ansi | <0:1.5.0-2.el7 | 0:1.5.0-2.el7 |
redhat/tfm-rubygem-apipie-bindings | <0:0.3.0-1.el7 | 0:0.3.0-1.el7 |
redhat/tfm-rubygem-apipie-dsl | <0:2.2.2-2.el7 | 0:2.2.2-2.el7 |
redhat/tfm-rubygem-apipie-params | <0:0.0.5-5.el7 | 0:0.0.5-5.el7 |
redhat/tfm-rubygem-apipie-rails | <0:0.5.17-3.el7 | 0:0.5.17-3.el7 |
redhat/tfm-rubygem-audited | <0:4.9.0-3.el7 | 0:4.9.0-3.el7 |
redhat/tfm-rubygem-bcrypt | <0:3.1.12-1.el7 | 0:3.1.12-1.el7 |
redhat/tfm-rubygem-builder | <0:3.2.4-1.el7 | 0:3.2.4-1.el7 |
redhat/tfm-rubygem-clamp | <0:1.1.2-5.el7 | 0:1.1.2-5.el7 |
redhat/tfm-rubygem-coffee-rails | <0:5.0.0-1.el7 | 0:5.0.0-1.el7 |
redhat/tfm-rubygem-coffee-script | <0:2.4.1-4.el7 | 0:2.4.1-4.el7 |
redhat/tfm-rubygem-coffee-script-source | <0:1.12.2-4.el7 | 0:1.12.2-4.el7 |
redhat/tfm-rubygem-concurrent-ruby | <1:1.1.6-2.el7 | 1:1.1.6-2.el7 |
redhat/tfm-rubygem-concurrent-ruby-edge | <1:0.6.0-2.el7 | 1:0.6.0-2.el7 |
redhat/tfm-rubygem-crass | <0:1.0.6-1.el7 | 0:1.0.6-1.el7 |
redhat/tfm-rubygem-daemons | <0:1.2.3-7.el7 | 0:1.2.3-7.el7 |
redhat/tfm-rubygem-deacon | <0:1.0.0-4.el7 | 0:1.0.0-4.el7 |
redhat/tfm-rubygem-declarative | <0:0.0.10-1.el7 | 0:0.0.10-1.el7 |
redhat/tfm-rubygem-declarative-option | <0:0.1.0-1.el7 | 0:0.1.0-1.el7 |
redhat/tfm-rubygem-deface | <0:1.5.3-2.el7 | 0:1.5.3-2.el7 |
redhat/tfm-rubygem-diffy | <0:3.0.1-6.el7 | 0:3.0.1-6.el7 |
redhat/tfm-rubygem-dynflow | <0:1.4.7-1.fm2_1.el7 | 0:1.4.7-1.fm2_1.el7 |
redhat/tfm-rubygem-erubi | <0:1.9.0-1.el7 | 0:1.9.0-1.el7 |
redhat/tfm-rubygem-excon | <0:0.58.0-3.el7 | 0:0.58.0-3.el7 |
redhat/tfm-rubygem-execjs | <0:2.7.0-4.el7 | 0:2.7.0-4.el7 |
redhat/tfm-rubygem-facter | <0:2.4.0-6.el7 | 0:2.4.0-6.el7 |
redhat/tfm-rubygem-faraday | <0:0.15.4-1.el7 | 0:0.15.4-1.el7 |
redhat/tfm-rubygem-ffi | <0:1.12.2-1.el7 | 0:1.12.2-1.el7 |
redhat/tfm-rubygem-fog-aws | <0:3.6.5-1.el7 | 0:3.6.5-1.el7 |
redhat/tfm-rubygem-fog-core | <0:2.1.0-3.el7 | 0:2.1.0-3.el7 |
redhat/tfm-rubygem-fog-google | <0:1.8.2-1.el7 | 0:1.8.2-1.el7 |
redhat/tfm-rubygem-fog-json | <0:1.2.0-3.el7 | 0:1.2.0-3.el7 |
redhat/tfm-rubygem-fog-kubevirt | <0:1.3.3-1.el7 | 0:1.3.3-1.el7 |
redhat/tfm-rubygem-fog-libvirt | <0:0.7.0-1.el7 | 0:0.7.0-1.el7 |
redhat/tfm-rubygem-fog-openstack | <0:1.0.8-2.el7 | 0:1.0.8-2.el7 |
redhat/tfm-rubygem-fog-ovirt | <0:1.2.5-1.el7 | 0:1.2.5-1.el7 |
redhat/tfm-rubygem-fog-vsphere | <0:3.3.1-1.el7 | 0:3.3.1-1.el7 |
redhat/tfm-rubygem-fog-xml | <0:0.1.2-8.el7 | 0:0.1.2-8.el7 |
redhat/tfm-rubygem-foreman-tasks | <0:2.0.2-1.fm2_1.el7 | 0:2.0.2-1.fm2_1.el7 |
redhat/tfm-rubygem-foreman-tasks-core | <0:0.3.4-1.el7 | 0:0.3.4-1.el7 |
redhat/tfm-rubygem-formatador | <0:0.2.1-11.el7 | 0:0.2.1-11.el7 |
redhat/tfm-rubygem-fx | <0:0.5.0-1.el7 | 0:0.5.0-1.el7 |
redhat/tfm-rubygem-gettext | <0:3.1.4-10.el7 | 0:3.1.4-10.el7 |
redhat/tfm-rubygem-git | <0:1.5.0-1.el7 | 0:1.5.0-1.el7 |
redhat/tfm-rubygem-gitlab-sidekiq-fetcher | <0:0.5.2-2.el7 | 0:0.5.2-2.el7 |
redhat/tfm-rubygem-globalid | <0:0.4.2-1.el7 | 0:0.4.2-1.el7 |
redhat/tfm-rubygem-google-api-client | <0:0.23.9-3.el7 | 0:0.23.9-3.el7 |
redhat/tfm-rubygem-googleauth | <0:0.6.7-3.el7 | 0:0.6.7-3.el7 |
redhat/tfm-rubygem-graphql | <0:1.8.14-1.el7 | 0:1.8.14-1.el7 |
redhat/tfm-rubygem-graphql-batch | <0:0.3.10-1.el7 | 0:0.3.10-1.el7 |
redhat/tfm-rubygem-gssapi | <0:1.2.0-6.el7 | 0:1.2.0-6.el7 |
redhat/tfm-rubygem-hashie | <0:3.6.0-1.el7 | 0:3.6.0-1.el7 |
redhat/tfm-rubygem-highline | <0:1.7.8-4.el7 | 0:1.7.8-4.el7 |
redhat/tfm-rubygem-http | <0:3.3.0-1.el7 | 0:3.3.0-1.el7 |
redhat/tfm-rubygem-httpclient | <0:2.8.3-1.el7 | 0:2.8.3-1.el7 |
redhat/tfm-rubygem-http-cookie | <0:1.0.2-5.el7 | 0:1.0.2-5.el7 |
redhat/tfm-rubygem-i18n | <0:1.8.2-1.el7 | 0:1.8.2-1.el7 |
redhat/tfm-rubygem-infoblox | <0:3.0.0-3.el7 | 0:3.0.0-3.el7 |
redhat/tfm-rubygem-ipaddress | <0:0.8.0-11.el7 | 0:0.8.0-11.el7 |
redhat/tfm-rubygem-jgrep | <0:1.3.3-12.el7 | 0:1.3.3-12.el7 |
redhat/tfm-rubygem-journald-logger | <0:2.0.4-2.el7 | 0:2.0.4-2.el7 |
redhat/tfm-rubygem-journald-native | <0:1.0.11-2.el7 | 0:1.0.11-2.el7 |
redhat/tfm-rubygem-jwt | <0:2.2.1-1.el7 | 0:2.2.1-1.el7 |
redhat/tfm-rubygem-kafo | <0:4.1.0-3.el7 | 0:4.1.0-3.el7 |
redhat/tfm-rubygem-katello | <0:3.16.0.11-1.el7 | 0:3.16.0.11-1.el7 |
redhat/tfm-rubygem-kubeclient | <0:4.3.0-1.el7 | 0:4.3.0-1.el7 |
redhat/tfm-rubygem-little-plugger | <0:1.1.4-1.el7 | 0:1.1.4-1.el7 |
redhat/tfm-rubygem-locale | <0:2.0.9-13.el7 | 0:2.0.9-13.el7 |
redhat/tfm-rubygem-logging | <0:2.2.2-6.el7 | 0:2.2.2-6.el7 |
redhat/tfm-rubygem-logging-journald | <0:2.0.0-2.el7 | 0:2.0.0-2.el7 |
redhat/tfm-rubygem-loofah | <0:2.4.0-1.el7 | 0:2.4.0-1.el7 |
redhat/tfm-rubygem-mail | <0:2.7.1-1.el7 | 0:2.7.1-1.el7 |
redhat/tfm-rubygem-marcel | <0:0.3.3-1.el7 | 0:0.3.3-1.el7 |
redhat/tfm-rubygem-memoist | <0:0.16.0-1.el7 | 0:0.16.0-1.el7 |
redhat/tfm-rubygem-mimemagic | <0:0.3.5-1.el7 | 0:0.3.5-1.el7 |
redhat/tfm-rubygem-mime-types | <0:3.2.2-4.el7 | 0:3.2.2-4.el7 |
redhat/tfm-rubygem-mime-types-data | <0:3.2018.0812-4.el7 | 0:3.2018.0812-4.el7 |
redhat/tfm-rubygem-multipart-post | <0:2.0.0-1.el7 | 0:2.0.0-1.el7 |
redhat/tfm-rubygem-mustermann | <0:1.0.2-4.el7 | 0:1.0.2-4.el7 |
redhat/tfm-rubygem-net-ldap | <0:0.16.1-1.el7 | 0:0.16.1-1.el7 |
redhat/tfm-rubygem-net-ping | <0:2.0.1-3.el7 | 0:2.0.1-3.el7 |
redhat/tfm-rubygem-netrc | <0:0.11.0-3.el7 | 0:0.11.0-3.el7 |
redhat/tfm-rubygem-net-scp | <0:1.2.1-3.el7 | 0:1.2.1-3.el7 |
redhat/tfm-rubygem-net-ssh | <0:4.2.0-1.el7 | 0:4.2.0-1.el7 |
redhat/tfm-rubygem-net-ssh-krb | <0:0.4.0-3.el7 | 0:0.4.0-3.el7 |
redhat/tfm-rubygem-nio4r | <0:2.5.2-2.el7 | 0:2.5.2-2.el7 |
redhat/tfm-rubygem-nokogiri | <0:1.10.9-1.el7 | 0:1.10.9-1.el7 |
redhat/tfm-rubygem-oauth | <0:0.5.4-3.el7 | 0:0.5.4-3.el7 |
redhat/tfm-rubygem-openscap | <0:0.4.9-3.el7 | 0:0.4.9-3.el7 |
redhat/tfm-rubygem-optimist | <0:3.0.0-1.el7 | 0:3.0.0-1.el7 |
redhat/tfm-rubygem-os | <0:1.0.0-1.el7 | 0:1.0.0-1.el7 |
redhat/tfm-rubygem-ovirt-engine-sdk | <0:4.2.3-3.el7 | 0:4.2.3-3.el7 |
redhat/tfm-rubygem-parse-cron | <0:0.1.4-4.el7 | 0:0.1.4-4.el7 |
redhat/tfm-rubygem-passenger | <0:4.0.18-26.el7 | 0:4.0.18-26.el7 |
redhat/tfm-rubygem-pg | <0:1.1.4-2.el7 | 0:1.1.4-2.el7 |
redhat/tfm-rubygem-polyglot | <0:0.3.5-3.el7 | 0:0.3.5-3.el7 |
redhat/tfm-rubygem-powerbar | <0:2.0.1-2.el7 | 0:2.0.1-2.el7 |
redhat/tfm-rubygem-prometheus-client | <0:1.0.0-1.el7 | 0:1.0.0-1.el7 |
redhat/tfm-rubygem-promise.rb | <0:0.7.4-1.el7 | 0:0.7.4-1.el7 |
redhat/tfm-rubygem-puma | <0:4.3.3-4.el7 | 0:4.3.3-4.el7 |
redhat/tfm-rubygem-puma-plugin-systemd | <0:0.1.5-1.el7 | 0:0.1.5-1.el7 |
redhat/tfm-rubygem-quantile | <0:0.2.0-3.el7 | 0:0.2.0-3.el7 |
redhat/tfm-rubygem-rabl | <0:0.14.3-1.el7 | 0:0.14.3-1.el7 |
redhat/tfm-rubygem-rack | <0:2.2.3-1.el7 | 0:2.2.3-1.el7 |
redhat/tfm-rubygem-rack-cors | <0:1.0.2-1.el7 | 0:1.0.2-1.el7 |
redhat/tfm-rubygem-rack-jsonp | <0:1.3.1-9.el7 | 0:1.3.1-9.el7 |
redhat/tfm-rubygem-rack-protection | <0:2.0.3-4.el7 | 0:2.0.3-4.el7 |
redhat/tfm-rubygem-rack-test | <0:1.1.0-4.el7 | 0:1.1.0-4.el7 |
redhat/tfm-rubygem-rails | <0:6.0.3.1-1.el7 | 0:6.0.3.1-1.el7 |
redhat/tfm-rubygem-rails-dom-testing | <0:2.0.3-6.el7 | 0:2.0.3-6.el7 |
redhat/tfm-rubygem-rails-html-sanitizer | <0:1.3.0-1.el7 | 0:1.3.0-1.el7 |
redhat/tfm-rubygem-rails-i18n | <0:6.0.0-2.el7 | 0:6.0.0-2.el7 |
redhat/tfm-rubygem-railties | <0:6.0.3.1-1.el7 | 0:6.0.3.1-1.el7 |
redhat/tfm-rubygem-rainbow | <0:2.2.1-5.el7 | 0:2.2.1-5.el7 |
redhat/tfm-rubygem-rb-inotify | <0:0.9.7-5.el7 | 0:0.9.7-5.el7 |
redhat/tfm-rubygem-rbovirt | <0:0.1.7-4.el7 | 0:0.1.7-4.el7 |
redhat/tfm-rubygem-rbvmomi | <0:2.2.0-3.el7 | 0:2.2.0-3.el7 |
redhat/tfm-rubygem-recursive-open-struct | <0:1.1.0-1.el7 | 0:1.1.0-1.el7 |
redhat/tfm-rubygem-redis | <0:4.1.2-2.el7 | 0:4.1.2-2.el7 |
redhat/tfm-rubygem-representable | <0:3.0.4-1.el7 | 0:3.0.4-1.el7 |
redhat/tfm-rubygem-responders | <0:3.0.0-3.el7 | 0:3.0.0-3.el7 |
redhat/tfm-rubygem-rest-client | <0:2.0.2-3.el7 | 0:2.0.2-3.el7 |
redhat/tfm-rubygem-retriable | <0:3.1.2-1.el7 | 0:3.1.2-1.el7 |
redhat/tfm-rubygem-rkerberos | <0:0.1.5-18.el7 | 0:0.1.5-18.el7 |
redhat/tfm-rubygem-roadie | <0:3.4.0-3.el7 | 0:3.4.0-3.el7 |
redhat/tfm-rubygem-roadie-rails | <0:2.1.1-2.el7 | 0:2.1.1-2.el7 |
redhat/tfm-rubygem-robotex | <0:1.0.0-21.el7 | 0:1.0.0-21.el7 |
redhat/tfm-rubygem-rsec | <0:0.4.3-4.el7 | 0:0.4.3-4.el7 |
redhat/tfm-rubygem-ruby2ruby | <0:2.4.2-3.el7 | 0:2.4.2-3.el7 |
redhat/tfm-rubygem-rubyipmi | <0:0.10.0-6.el7 | 0:0.10.0-6.el7 |
redhat/tfm-rubygem-ruby-libvirt | <0:0.7.0-4.el7 | 0:0.7.0-4.el7 |
redhat/tfm-rubygem-runcible | <0:2.13.0-2.el7 | 0:2.13.0-2.el7 |
redhat/tfm-rubygem-safemode | <0:1.3.5-2.el7 | 0:1.3.5-2.el7 |
redhat/tfm-rubygem-sequel | <0:5.7.1-2.el7 | 0:5.7.1-2.el7 |
redhat/tfm-rubygem-sidekiq | <0:5.2.7-3.el7 | 0:5.2.7-3.el7 |
redhat/tfm-rubygem-signet | <0:0.11.0-3.el7 | 0:0.11.0-3.el7 |
redhat/tfm-rubygem-sinatra | <0:2.0.3-4.el7 | 0:2.0.3-4.el7 |
redhat/tfm-rubygem-sprockets | <0:3.7.2-6.el7 | 0:3.7.2-6.el7 |
redhat/tfm-rubygem-sprockets-rails | <0:3.2.1-6.el7 | 0:3.2.1-6.el7 |
redhat/tfm-rubygem-sqlite3 | <0:1.3.13-5.el7 | 0:1.3.13-5.el7 |
redhat/tfm-rubygem-sshkey | <0:1.9.0-3.el7 | 0:1.9.0-3.el7 |
redhat/tfm-rubygem-statsd-instrument | <0:2.1.4-2.el7 | 0:2.1.4-2.el7 |
redhat/tfm-rubygem-stomp | <0:1.4.9-1.el7 | 0:1.4.9-1.el7 |
redhat/tfm-rubygem-text | <0:1.3.0-7.el7 | 0:1.3.0-7.el7 |
redhat/tfm-rubygem-thor | <0:1.0.1-2.el7 | 0:1.0.1-2.el7 |
redhat/tfm-rubygem-tilt | <0:2.0.8-4.el7 | 0:2.0.8-4.el7 |
redhat/tfm-rubygem-timeliness | <0:0.3.10-1.el7 | 0:0.3.10-1.el7 |
redhat/tfm-rubygem-tzinfo | <0:1.2.6-1.el7 | 0:1.2.6-1.el7 |
redhat/tfm-rubygem-uber | <0:0.1.0-1.el7 | 0:0.1.0-1.el7 |
redhat/tfm-rubygem-unf | <0:0.1.3-7.el7 | 0:0.1.3-7.el7 |
redhat/tfm-rubygem-unicode | <0:0.4.4.4-1.el7 | 0:0.4.4.4-1.el7 |
redhat/tfm-rubygem-webpack-rails | <0:0.9.8-6.el7 | 0:0.9.8-6.el7 |
redhat/tfm-rubygem-websocket-driver | <0:0.7.1-1.el7 | 0:0.7.1-1.el7 |
redhat/tfm-rubygem-websocket-extensions | <0:0.1.5-1.el7 | 0:0.1.5-1.el7 |
redhat/tfm-rubygem-x-editable-rails | <0:1.5.5-5.el7 | 0:1.5.5-5.el7 |
redhat/tfm-rubygem-xmlrpc | <0:0.3.0-2.el7 | 0:0.3.0-2.el7 |
redhat/tfm-rubygem-zeitwerk | <0:2.2.2-1.el7 | 0:2.2.2-1.el7 |
redhat/rh-maven35-jackson-databind | <0:2.7.6-2.9.el7 | 0:2.7.6-2.9.el7 |
FasterXML jackson-databind | >=2.9.0<2.9.10.4 | |
Debian Debian Linux | =8.0 | |
Netapp Steelstore Cloud Integrated Storage | ||
Oracle Agile PLM | =9.3.6 | |
Oracle Autovue For Agile Product Lifecycle Management | =21.0.2 | |
Oracle Banking Digital Experience | =18.1 | |
Oracle Banking Digital Experience | =18.2 | |
Oracle Banking Digital Experience | =18.3 | |
Oracle Banking Digital Experience | =19.1 | |
Oracle Banking Digital Experience | =19.2 | |
Oracle Banking Digital Experience | =20.1 | |
Oracle Banking Platform | >=2.4.0<=2.9.0 | |
Oracle Communications Calendar Server | =8.0.0.4.0 | |
Oracle Communications Contacts Server | =8.0.0.4.0 | |
Oracle Communications Contacts Server | =8.0.0.5.0 | |
Oracle Communications Diameter Signaling Router | >=8.0.0<=8.2.2 | |
Oracle Communications Element Manager | >=8.2.0<=8.2.2 | |
Oracle Communications Evolved Communications Application Server | =7.1 | |
Oracle Communications Instant Messaging Server | =10.0.1.4.0 | |
Oracle Communications Network Charging And Control | >=12.0.0<=12.0.3 | |
Oracle Communications Network Charging And Control | =6.0.1 | |
Oracle Communications Session Report Manager | >=8.2.0<=8.2.2 | |
Oracle Communications Session Route Manager | >=8.2.0<=8.2.2 | |
Oracle Enterprise Manager Base Platform | =13.3.0.0 | |
Oracle Enterprise Manager Base Platform | =13.4.0.0 | |
Oracle Financial Services Analytical Applications Infrastructure | >=8.0.6<=8.1.0 | |
Oracle Financial Services Institutional Performance Analytics | =8.0.6 | |
Oracle Financial Services Institutional Performance Analytics | =8.0.7 | |
Oracle Financial Services Institutional Performance Analytics | =8.1.0 | |
Oracle Financial Services Price Creation and Discovery | =8.0.6 | |
Oracle Financial Services Price Creation and Discovery | =8.0.7 | |
Oracle Financial Services Retail Customer Analytics | =8.0.6 | |
Oracle Global Lifecycle Management Opatch | <12.2.0.1.20 | |
Oracle Insurance Policy Administration J2EE | =11.0.2.25 | |
Oracle Insurance Policy Administration J2EE | =11.1.0.15 | |
Oracle Jd Edwards Enterpriseone Orchestrator | <9.2.4.2 | |
Oracle Jd Edwards Enterpriseone Tools | <9.2.4.2 | |
Oracle Primavera Unifier | >=17.7<=17.12 | |
Oracle Primavera Unifier | =16.1 | |
Oracle Primavera Unifier | =16.2 | |
Oracle Primavera Unifier | =18.8 | |
Oracle Primavera Unifier | =19.12 | |
Oracle Retail Merchandising System | =15.0 | |
Oracle Retail Sales Audit | =14.1 | |
Oracle Retail Service Backbone | =14.1 | |
Oracle Retail Service Backbone | =15.0 | |
Oracle Retail Service Backbone | =16.0 | |
Oracle Retail Xstore Point of Service | =15.0 | |
Oracle Retail Xstore Point of Service | =16.0 | |
Oracle Retail Xstore Point of Service | =17.0 | |
Oracle Retail Xstore Point of Service | =18.0 | |
Oracle Retail Xstore Point of Service | =19.0 | |
Oracle WebLogic Server | =12.2.1.3.0 | |
Oracle WebLogic Server | =12.2.1.4.0 | |
redhat/jackson-databind | <2.9.10.4 | 2.9.10.4 |
maven/com.fasterxml.jackson.core:jackson-databind | >=2.9.0<=2.9.10.3 | 2.9.10.4 |
IBM RQM | <=6.0.6.1 | |
IBM RQM | <=6.0.6 | |
IBM ETM | <=7.0.0 | |
IBM RQM | <=6.0.2 | |
IBM EWM | <=7.0 | |
IBM CLM | <=6.0.6.1 | |
IBM CLM | <=6.0.6 | |
IBM ELM | <=7.0 | |
IBM CLM | <=6.0.2 | |
IBM RDNG | <=6.0.2 | |
IBM RDNG | <=6.0.6.1 | |
IBM RDNG | <=6.0.6 | |
IBM DOORS Next | <=7.0 |
The following conditions are needed for an exploit, we recommend avoiding all if possible * Deserialization from sources you do not control * `enableDefaultTyping()` * `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)