CVE-2018-14719
CRITICAL
9.8
CVSS Severity Score
Vulnerability Description
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.
Affected Platforms (CPE)
📦
Fasterxml
Jackson Databind
>= 2.0.0 and < 2.6.7.3📦
Fasterxml
Jackson Databind
>= 2.7.0 and < 2.7.9.5📦
Fasterxml
Jackson Databind
>= 2.8.0 and < 2.8.11.3📦
Fasterxml
Jackson Databind
>= 2.9.0 and < 2.9.7💻
Debian
Debian Linux
= 8.0💻
Debian
Debian Linux
= 9.0📦
Oracle
Banking Platform
= 2.5.0📦
Oracle
Banking Platform
= 2.6.0📦
Oracle
Banking Platform
= 2.6.1📦
Oracle
Banking Platform
= 2.6.2📦
Oracle
Business Process Management Suite
= 12.1.3.0.0📦
Oracle
Business Process Management Suite
= 12.2.1.3.0📦
Oracle
Clusterware
= 12.1.0.2.0📦
Oracle
Communications Billing And Revenue Management
= 7.5📦
Oracle
Communications Billing And Revenue Management
= 12.0📦
Oracle
Database Server
= 11.2.0.4📦
Oracle
Database Server
= 12.1.0.2📦
Oracle
Database Server
= 12.2.0.1📦
Oracle
Database Server
= 18c📦
Oracle
Database Server
= 19c📦
Oracle
Enterprise Manager For Virtualization
= 13.2.2📦
Oracle
Enterprise Manager For Virtualization
= 13.2.3📦
Oracle
Enterprise Manager For Virtualization
= 13.3.1📦
Oracle
Financial Services Analytical Applications Infrastructure
= 8.0.2📦
Oracle
Financial Services Analytical Applications Infrastructure
= 8.0.3📦
Oracle
Financial Services Analytical Applications Infrastructure
= 8.0.4📦
Oracle
Financial Services Analytical Applications Infrastructure
= 8.0.5📦
Oracle
Financial Services Analytical Applications Infrastructure
= 8.0.6📦
Oracle
Financial Services Analytical Applications Infrastructure
= 8.0.7📦
Oracle
Global Lifecycle Management Opatch
< 11.2.0.3.23📦
Oracle
Global Lifecycle Management Opatch
>= 12.2.0.1.0 and < 12.2.0.1.19📦
Oracle
Global Lifecycle Management Opatch
>= 13.9.4.0.0 and < 13.9.4.2.1📦
Oracle
Jdeveloper
= 12.1.3.0.0📦
Oracle
Jdeveloper
= 12.2.1.3.0📦
Oracle
Primavera P6 Enterprise Project Portfolio Management
>= 17.7 and <= 17.12📦
Oracle
Primavera P6 Enterprise Project Portfolio Management
= 15.1📦
Oracle
Primavera P6 Enterprise Project Portfolio Management
= 15.2📦
Oracle
Primavera P6 Enterprise Project Portfolio Management
= 16.1📦
Oracle
Primavera P6 Enterprise Project Portfolio Management
= 16.2📦
Oracle
Primavera P6 Enterprise Project Portfolio Management
= 18.8📦
Oracle
Primavera Unifier
>= 17.7 and <= 17.12📦
Oracle
Primavera Unifier
= 16.1📦
Oracle
Primavera Unifier
= 16.2📦
Oracle
Primavera Unifier
= 18.8📦
Oracle
Retail Merchandising System
= 15.0📦
Oracle
Retail Merchandising System
= 16.0📦
Oracle
Retail Workforce Management Software
= 1.60.9.0.0📦
Oracle
Webcenter Portal
= 12.2.1.3.0📦
Redhat
Openshift Container Platform
>= 3.11 and < 3.11.153📦
Redhat
Openshift Container Platform
>= 4.6 and < 4.6.26📦
Redhat
Openshift Container Platform
>= 4.1 and < 4.1.18📦
Netapp
Oncommand Workflow Automation
All versions📦
Netapp
Snapcenter
All versions📦
Netapp