CVE-2019-14540
Description
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
6.292
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2019-14540,CVE-2019-14893 are affected in Mysql 8.0.5 | Windows |
| Multiple vulnerabilities affected in Oracle WebLogic Server 12.2.1.3.0 | Windows |
| Multiple Vulnerabilities are affected in Mysql 8.0.5 | Windows |
| Multiple vulnerabilities are affected in Oracle WebLogic Server 12.2.1.3.0 | Windows |
| Multiple vulnerabilities are fixed in Jackson-databind 2.6.7.3 | Windows |
| Multiple vulnerabilities are fixed in Jackson-databind 2.8.11.5 | Windows |
| Vulnerabilities CVE-2019-17267,CVE-2019-14893,CVE-2019-14892,CVE-2019-16335,CVE-2019-14540 are fixed in Jackson-databind 2.9.10 | Windows |
| Multiple Vulnerabilities are affected in Netapp Oncommand Workflow Automation 2.3 | Windows |
| Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 7.2 | Windows |
| Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 7.3 | Windows |
| Multiple Vulnerabilities are affected in IBM Sterling B2B Integrator 5.2.6.5 | Windows |
| Multiple Vulnerabilities are affected in IBM Sterling B2B Integrator 6.0.3.4 | Windows |
| Multiple Vulnerabilities are affected in IBM Sterling B2B Integrator 6.0.0.6 | Windows |
| Multiple Vulnerabilities are affected in IBM Sterling B2B Integrator 6.1.0.2 | Windows |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update jss-4.6.2-4.module+el8.2.0+6123+b4678599.x86_64.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update jss-debugsource-4.6.2-4.module+el8.2.0+6123+b4678599.x86_64.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update jss-javadoc-4.6.2-4.module+el8.2.0+6123+b4678599.x86_64.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update ldapjdk-4.21.0-2.module+el8.2.0+4573+c3c38c7b.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update ldapjdk-javadoc-4.21.0-2.module+el8.2.0+4573+c3c38c7b.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update pki-base-10.8.3-1.module+el8.2.0+5925+bad5981a.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update pki-base-java-10.8.3-1.module+el8.2.0+5925+bad5981a.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update pki-ca-10.8.3-1.module+el8.2.0+5925+bad5981a.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update pki-core-debugsource-10.8.3-1.module+el8.2.0+5925+bad5981a.x86_64.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update pki-kra-10.8.3-1.module+el8.2.0+5925+bad5981a.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update pki-server-10.8.3-1.module+el8.2.0+5925+bad5981a.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update pki-servlet-4.0-api-9.0.7-16.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update pki-servlet-engine-9.0.7-16.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update pki-symkey-10.8.3-1.module+el8.2.0+5925+bad5981a.x86_64.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update pki-tools-10.8.3-1.module+el8.2.0+5925+bad5981a.x86_64.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update python3-pki-10.8.3-1.module+el8.2.0+5925+bad5981a.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update resteasy-3.0.26-3.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update stax-ex-1.7.7-8.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update tomcatjss-7.4.1-2.module+el8.2.0+4573+c3c38c7b.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update xmlstreambuffer-1.5.4-8.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| (RHSA-2020:1644) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm | Linux |
| Vulnerabilities CVE-2019-14540,CVE-2019-14893 are affected in Mysql 8.0.5 (For Linux) | Linux |
| Multiple Vulnerabilities are affected in Mysql 8.0.5 (For Linux) | Linux |
| pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:1644) slf4j-1.7.25-4.module+el8.5.0+697+f586bb30.noarch.rpm | Linux |
| pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:1644) velocity-1.7-24.module+el8.3.0+53+ea062990.noarch.rpm | Linux |
| pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:1644) xalan-j2-2.7.1-38.module+el8.3.0+53+ea062990.noarch.rpm | Linux |
| pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:1644) javassist-3.18.1-8.module+el8.3.0+53+ea062990.noarch.rpm | Linux |
| pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:1644) xerces-j2-2.11.0-34.module+el8.3.0+53+ea062990.noarch.rpm | Linux |
| pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:1644) javassist-javadoc-3.18.1-8.module+el8.3.0+53+ea062990.noarch.rpm | Linux |
| pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:1644) apache-commons-lang-2.6-21.module+el8.3.0+53+ea062990.noarch.rpm | Linux |
| pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:1644) xml-commons-resolver-1.2-26.module+el8.3.0+53+ea062990.noarch.rpm | Linux |
| pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:1644) apache-commons-collections-3.2.2-10.module+el8.3.0+53+ea062990.noarch.rpm | Linux |
| pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:1644) jakarta-commons-httpclient-3.1-28.module+el8.3.0+53+ea062990.noarch.rpm | Linux |
| Multiple vulnerabilities are fixed in Jackson-databind for Linux 2.6.7.3 | Linux |
| Multiple vulnerabilities are fixed in Jackson-databind for Linux 2.8.11.5 | Linux |
| Vulnerabilities CVE-2019-17267,CVE-2019-14893,CVE-2019-14892,CVE-2019-16335,CVE-2019-14540 are fixed in Jackson-databind for Linux 2.9.10 | Linux |
| Deserialization of Untrusted Data Vulnerability (CVE-2019-14540) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234