CVE-2019-16943

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-16943

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-16943.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-16943

Aliases

GHSA-fmmc-742q-jg75

Related

Published

2019-10-01T17:15:10Z

Modified

2024-09-18T03:03:28.607769Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.

References

Affected packages

Debian:11 / jackson-databind

Package

Name: jackson-databind
Purl: pkg:deb/debian/jackson-databind?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.10.0-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / jackson-databind

Package

Name: jackson-databind
Purl: pkg:deb/debian/jackson-databind?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.10.0-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / jackson-databind

Package

Name: jackson-databind
Purl: pkg:deb/debian/jackson-databind?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.10.0-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/fasterxml/jackson-databind

Affected ranges

Type: GIT
Repo: https://github.com/fasterxml/jackson-databind
Events: Introduced

e8df0987e3034d102ee6d704d30a05a2e3ac7089

Fixed

ec1adf8c72625fd51b30105afad7464c4332d542

Affected versions

2.*

2.2.0c

2.6.0-rc3b

jackson-databind-2.*

jackson-databind-2.0.0

jackson-databind-2.0.1

jackson-databind-2.0.2

jackson-databind-2.0.4

jackson-databind-2.1.0

jackson-databind-2.1.1

jackson-databind-2.2.0

jackson-databind-2.2.0-rc1

jackson-databind-2.2.1

jackson-databind-2.2.2

jackson-databind-2.3.0

jackson-databind-2.3.0-rc1

jackson-databind-2.3.1

jackson-databind-2.4.0

jackson-databind-2.4.0-rc1

jackson-databind-2.4.0-rc2

jackson-databind-2.4.0-rc3

jackson-databind-2.4.1

jackson-databind-2.4.1.1

jackson-databind-2.4.1.2

jackson-databind-2.4.1.3

jackson-databind-2.4.2

jackson-databind-2.4.3

jackson-databind-2.4.4

jackson-databind-2.4.5

jackson-databind-2.4.5.1

jackson-databind-2.4.6

jackson-databind-2.5.0

jackson-databind-2.5.0-rc1

jackson-databind-2.5.1

jackson-databind-2.5.2

jackson-databind-2.5.3

jackson-databind-2.5.4

jackson-databind-2.5.5

jackson-databind-2.6.0

jackson-databind-2.6.0-rc1

jackson-databind-2.6.0-rc2

jackson-databind-2.6.0-rc4

jackson-databind-2.6.1

jackson-databind-2.6.2

jackson-databind-2.6.3

jackson-databind-2.6.4

jackson-databind-2.6.5

jackson-databind-2.6.6

jackson-databind-2.6.7

jackson-databind-2.6.7.1

jackson-databind-2.6.7.2