First published: Tue Sep 10 2019(Updated: )
The Public Key Infrastructure (PKI) Deps module contains fundamental packages required as dependencies for the pki-core module by Red Hat Certificate System.<br>Security Fix(es):<br><li> jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/apache-commons-collections | <3.2.2-10.module+el8.0.0+3892+c903d3f0 | 3.2.2-10.module+el8.0.0+3892+c903d3f0 |
redhat/apache-commons-lang | <2.6-21.module+el8.0.0+3892+c903d3f0 | 2.6-21.module+el8.0.0+3892+c903d3f0 |
redhat/bea-stax | <1.2.0-16.module+el8.0.0+3892+c903d3f0 | 1.2.0-16.module+el8.0.0+3892+c903d3f0 |
redhat/glassfish-fastinfoset | <1.2.13-9.module+el8.0.0+3892+c903d3f0 | 1.2.13-9.module+el8.0.0+3892+c903d3f0 |
redhat/glassfish-jaxb | <2.2.11-11.module+el8.0.0+3892+c903d3f0 | 2.2.11-11.module+el8.0.0+3892+c903d3f0 |
redhat/glassfish-jaxb-api | <2.2.12-8.module+el8.0.0+3892+c903d3f0 | 2.2.12-8.module+el8.0.0+3892+c903d3f0 |
redhat/jackson-annotations | <2.9.9-1.module+el8.0.0+3892+c903d3f0 | 2.9.9-1.module+el8.0.0+3892+c903d3f0 |
redhat/jackson-core | <2.9.9-1.module+el8.0.0+3892+c903d3f0 | 2.9.9-1.module+el8.0.0+3892+c903d3f0 |
redhat/jackson-databind | <2.9.9.2-1.module+el8.0.0+3892+c903d3f0 | 2.9.9.2-1.module+el8.0.0+3892+c903d3f0 |
redhat/jackson-jaxrs-providers | <2.9.9-1.module+el8.0.0+3892+c903d3f0 | 2.9.9-1.module+el8.0.0+3892+c903d3f0 |
redhat/jackson-module-jaxb-annotations | <2.7.6-4.module+el8.0.0+3892+c903d3f0 | 2.7.6-4.module+el8.0.0+3892+c903d3f0 |
redhat/jakarta-commons-httpclient | <3.1-28.module+el8.0.0+3892+c903d3f0 | 3.1-28.module+el8.0.0+3892+c903d3f0 |
redhat/javassist | <3.18.1-8.module+el8.0.0+3892+c903d3f0 | 3.18.1-8.module+el8.0.0+3892+c903d3f0 |
redhat/pki-servlet-container | <9.0.7-14.module+el8.0.0+3892+c903d3f0 | 9.0.7-14.module+el8.0.0+3892+c903d3f0 |
redhat/python-nss | <1.0.1-10.module+el8.0.0+3892+c903d3f0 | 1.0.1-10.module+el8.0.0+3892+c903d3f0 |
redhat/resteasy | <3.0.26-3.module+el8.0.0+3892+c903d3f0 | 3.0.26-3.module+el8.0.0+3892+c903d3f0 |
redhat/slf4j | <1.7.25-4.module+el8.0.0+3892+c903d3f0 | 1.7.25-4.module+el8.0.0+3892+c903d3f0 |
redhat/stax-ex | <1.7.7-8.module+el8.0.0+3892+c903d3f0 | 1.7.7-8.module+el8.0.0+3892+c903d3f0 |
redhat/velocity | <1.7-24.module+el8.0.0+3892+c903d3f0 | 1.7-24.module+el8.0.0+3892+c903d3f0 |
redhat/xalan-j2 | <2.7.1-38.module+el8.0.0+3892+c903d3f0 | 2.7.1-38.module+el8.0.0+3892+c903d3f0 |
redhat/xerces-j2 | <2.11.0-34.module+el8.0.0+3892+c903d3f0 | 2.11.0-34.module+el8.0.0+3892+c903d3f0 |
redhat/xml-commons-apis | <1.4.01-25.module+el8.0.0+3892+c903d3f0 | 1.4.01-25.module+el8.0.0+3892+c903d3f0 |
redhat/xml-commons-resolver | <1.2-26.module+el8.0.0+3892+c903d3f0 | 1.2-26.module+el8.0.0+3892+c903d3f0 |
redhat/xmlstreambuffer | <1.5.4-8.module+el8.0.0+3892+c903d3f0 | 1.5.4-8.module+el8.0.0+3892+c903d3f0 |
redhat/xsom | <0-19.20110809svn.module+el8.0.0+3892+c903d3f0 | 0-19.20110809svn.module+el8.0.0+3892+c903d3f0 |
redhat/apache-commons-collections | <3.2.2-10.module+el8.0.0+3892+c903d3f0 | 3.2.2-10.module+el8.0.0+3892+c903d3f0 |
redhat/apache-commons-lang | <2.6-21.module+el8.0.0+3892+c903d3f0 | 2.6-21.module+el8.0.0+3892+c903d3f0 |
redhat/bea-stax-api | <1.2.0-16.module+el8.0.0+3892+c903d3f0 | 1.2.0-16.module+el8.0.0+3892+c903d3f0 |
redhat/glassfish-fastinfoset | <1.2.13-9.module+el8.0.0+3892+c903d3f0 | 1.2.13-9.module+el8.0.0+3892+c903d3f0 |
redhat/glassfish-jaxb-api | <2.2.12-8.module+el8.0.0+3892+c903d3f0 | 2.2.12-8.module+el8.0.0+3892+c903d3f0 |
redhat/glassfish-jaxb-core | <2.2.11-11.module+el8.0.0+3892+c903d3f0 | 2.2.11-11.module+el8.0.0+3892+c903d3f0 |
redhat/glassfish-jaxb-runtime | <2.2.11-11.module+el8.0.0+3892+c903d3f0 | 2.2.11-11.module+el8.0.0+3892+c903d3f0 |
redhat/glassfish-jaxb-txw2 | <2.2.11-11.module+el8.0.0+3892+c903d3f0 | 2.2.11-11.module+el8.0.0+3892+c903d3f0 |
redhat/jackson-annotations | <2.9.9-1.module+el8.0.0+3892+c903d3f0 | 2.9.9-1.module+el8.0.0+3892+c903d3f0 |
redhat/jackson-core | <2.9.9-1.module+el8.0.0+3892+c903d3f0 | 2.9.9-1.module+el8.0.0+3892+c903d3f0 |
redhat/jackson-databind | <2.9.9.2-1.module+el8.0.0+3892+c903d3f0 | 2.9.9.2-1.module+el8.0.0+3892+c903d3f0 |
redhat/jackson-jaxrs-json-provider | <2.9.9-1.module+el8.0.0+3892+c903d3f0 | 2.9.9-1.module+el8.0.0+3892+c903d3f0 |
redhat/jackson-jaxrs-providers | <2.9.9-1.module+el8.0.0+3892+c903d3f0 | 2.9.9-1.module+el8.0.0+3892+c903d3f0 |
redhat/jackson-module-jaxb-annotations | <2.7.6-4.module+el8.0.0+3892+c903d3f0 | 2.7.6-4.module+el8.0.0+3892+c903d3f0 |
redhat/jakarta-commons-httpclient | <3.1-28.module+el8.0.0+3892+c903d3f0 | 3.1-28.module+el8.0.0+3892+c903d3f0 |
redhat/javassist | <3.18.1-8.module+el8.0.0+3892+c903d3f0 | 3.18.1-8.module+el8.0.0+3892+c903d3f0 |
redhat/javassist-javadoc | <3.18.1-8.module+el8.0.0+3892+c903d3f0 | 3.18.1-8.module+el8.0.0+3892+c903d3f0 |
redhat/pki-servlet | <4.0-api-9.0.7-14.module+el8.0.0+3892+c903d3f0 | 4.0-api-9.0.7-14.module+el8.0.0+3892+c903d3f0 |
redhat/pki-servlet-container | <9.0.7-14.module+el8.0.0+3892+c903d3f0 | 9.0.7-14.module+el8.0.0+3892+c903d3f0 |
redhat/resteasy | <3.0.26-3.module+el8.0.0+3892+c903d3f0 | 3.0.26-3.module+el8.0.0+3892+c903d3f0 |
redhat/slf4j | <1.7.25-4.module+el8.0.0+3892+c903d3f0 | 1.7.25-4.module+el8.0.0+3892+c903d3f0 |
redhat/slf4j-jdk14 | <1.7.25-4.module+el8.0.0+3892+c903d3f0 | 1.7.25-4.module+el8.0.0+3892+c903d3f0 |
redhat/stax-ex | <1.7.7-8.module+el8.0.0+3892+c903d3f0 | 1.7.7-8.module+el8.0.0+3892+c903d3f0 |
redhat/velocity | <1.7-24.module+el8.0.0+3892+c903d3f0 | 1.7-24.module+el8.0.0+3892+c903d3f0 |
redhat/xalan-j2 | <2.7.1-38.module+el8.0.0+3892+c903d3f0 | 2.7.1-38.module+el8.0.0+3892+c903d3f0 |
redhat/xerces-j2 | <2.11.0-34.module+el8.0.0+3892+c903d3f0 | 2.11.0-34.module+el8.0.0+3892+c903d3f0 |
redhat/xml-commons-apis | <1.4.01-25.module+el8.0.0+3892+c903d3f0 | 1.4.01-25.module+el8.0.0+3892+c903d3f0 |
redhat/xml-commons-resolver | <1.2-26.module+el8.0.0+3892+c903d3f0 | 1.2-26.module+el8.0.0+3892+c903d3f0 |
redhat/xmlstreambuffer | <1.5.4-8.module+el8.0.0+3892+c903d3f0 | 1.5.4-8.module+el8.0.0+3892+c903d3f0 |
redhat/xsom | <0-19.20110809svn.module+el8.0.0+3892+c903d3f0 | 0-19.20110809svn.module+el8.0.0+3892+c903d3f0 |
redhat/python-nss-debugsource | <1.0.1-10.module+el8.0.0+3892+c903d3f0 | 1.0.1-10.module+el8.0.0+3892+c903d3f0 |
redhat/python-nss-doc | <1.0.1-10.module+el8.0.0+3892+c903d3f0 | 1.0.1-10.module+el8.0.0+3892+c903d3f0 |
redhat/python3-nss | <1.0.1-10.module+el8.0.0+3892+c903d3f0 | 1.0.1-10.module+el8.0.0+3892+c903d3f0 |
redhat/python3-nss-debuginfo | <1.0.1-10.module+el8.0.0+3892+c903d3f0 | 1.0.1-10.module+el8.0.0+3892+c903d3f0 |
redhat/python-nss-debugsource | <1.0.1-10.module+el8.0.0+3892+c903d3f0 | 1.0.1-10.module+el8.0.0+3892+c903d3f0 |
redhat/python-nss-doc | <1.0.1-10.module+el8.0.0+3892+c903d3f0 | 1.0.1-10.module+el8.0.0+3892+c903d3f0 |
redhat/python3-nss | <1.0.1-10.module+el8.0.0+3892+c903d3f0 | 1.0.1-10.module+el8.0.0+3892+c903d3f0 |
redhat/python3-nss-debuginfo | <1.0.1-10.module+el8.0.0+3892+c903d3f0 | 1.0.1-10.module+el8.0.0+3892+c903d3f0 |
redhat/python-nss-debugsource | <1.0.1-10.module+el8.0.0+3892+c903d3f0 | 1.0.1-10.module+el8.0.0+3892+c903d3f0 |
redhat/python-nss-doc | <1.0.1-10.module+el8.0.0+3892+c903d3f0 | 1.0.1-10.module+el8.0.0+3892+c903d3f0 |
redhat/python3-nss | <1.0.1-10.module+el8.0.0+3892+c903d3f0 | 1.0.1-10.module+el8.0.0+3892+c903d3f0 |
redhat/python3-nss-debuginfo | <1.0.1-10.module+el8.0.0+3892+c903d3f0 | 1.0.1-10.module+el8.0.0+3892+c903d3f0 |
redhat/python-nss-debugsource | <1.0.1-10.module+el8.0.0+3892+c903d3f0.aa | 1.0.1-10.module+el8.0.0+3892+c903d3f0.aa |
redhat/python-nss-doc | <1.0.1-10.module+el8.0.0+3892+c903d3f0.aa | 1.0.1-10.module+el8.0.0+3892+c903d3f0.aa |
redhat/python3-nss | <1.0.1-10.module+el8.0.0+3892+c903d3f0.aa | 1.0.1-10.module+el8.0.0+3892+c903d3f0.aa |
redhat/python3-nss-debuginfo | <1.0.1-10.module+el8.0.0+3892+c903d3f0.aa | 1.0.1-10.module+el8.0.0+3892+c903d3f0.aa |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.