NVD - CVE-2019-17531

Vulnerability Change Records for CVE-2019-17531

Change History

CVE Modified by MITRE 7/14/2020 11:15:45 PM

Action	Type	Old Value	New Value
Added	Reference		https://www.oracle.com/security-alerts/cpujul2020.html [No Types Assigned]

CVE Modified by MITRE 4/15/2020 5:15:31 PM

Action	Type	Old Value	New Value
Added	Reference		https://www.oracle.com/security-alerts/cpuapr2020.html [No Types Assigned]

CVE Modified by MITRE 10/24/2019 2:15:11 AM

Action	Type	Old Value	New Value
Added	Reference		https://security.netapp.com/advisory/ntap-20191024-0005/ [No Types Assigned]

Initial Analysis 10/17/2019 12:34:30 PM

Action	Type	Old Value	New Value
Added	CPE Configuration		OR cpe:2.3:a:fasterxml:jackson-databind::::::::* versions from (including) 2.0.0 up to (including) 2.9.10
Added	CVSS V2		NIST (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Added	CVSS V3.1		NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added	CWE		NIST CWE-20
Changed	Reference Type	https://github.com/FasterXML/jackson-databind/issues/2498 No Types Assigned	https://github.com/FasterXML/jackson-databind/issues/2498 Third Party Advisory
Changed	Reference Type	https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 No Types Assigned	https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 Exploit, Third Party Advisory

CVE Modified by MITRE 7/29/2020 8:15:18 AM

Action	Type	Old Value	New Value
Added	Reference		https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E [No Types Assigned]

CVE Modified by MITRE 1/15/2020 3:15:23 PM

Action	Type	Old Value	New Value
Added	Reference		https://www.oracle.com/security-alerts/cpujan2020.html [No Types Assigned]

CVE Modified by MITRE 2/06/2020 7:15:11 AM

Action	Type	Old Value	New Value
Added	Reference		https://access.redhat.com/errata/RHSA-2020:0445 [No Types Assigned]

CWE Remap 8/24/2020 1:37:01 PM

Action	Type	Old Value	New Value
Changed	CWE	CWE-20	CWE-502

CVE Modified by MITRE 11/27/2019 10:15:11 AM

Action	Type	Old Value	New Value
Added	Reference		https://lists.apache.org/thread.html/b3c90d38f99db546de60fea65f99a924d540fae2285f014b79606ca5@%3Ccommits.pulsar.apache.org%3E [No Types Assigned]

CVE Modified by MITRE 12/10/2019 4:15:15 PM

Action	Type	Old Value	New Value
Added	Reference		https://lists.debian.org/debian-lts-announce/2019/12/msg00013.html [No Types Assigned]

CVE Modified by MITRE 1/21/2020 1:15:11 AM

Action	Type	Old Value	New Value
Added	Reference		https://access.redhat.com/errata/RHSA-2020:0159 [No Types Assigned]
Added	Reference		https://access.redhat.com/errata/RHSA-2020:0164 [No Types Assigned]

CVE Modified by MITRE 10/20/2020 6:15:33 PM

Action	Type	Old Value	New Value
Added	Reference		https://www.oracle.com/security-alerts/cpuoct2020.html [No Types Assigned]

CVE Modified by MITRE 1/21/2020 3:15:10 AM

Action	Type	Old Value	New Value
Added	Reference		https://access.redhat.com/errata/RHSA-2020:0160 [No Types Assigned]
Added	Reference		https://access.redhat.com/errata/RHSA-2020:0161 [No Types Assigned]

CVE Modified by MITRE 12/10/2019 3:15:17 PM

Action	Type	Old Value	New Value
Added	Reference		https://access.redhat.com/errata/RHSA-2019:4192 [No Types Assigned]

CVE Modified by MITRE 8/31/2020 10:15:16 AM

Action	Type	Old Value	New Value
Added	Reference		https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E [No Types Assigned]

CVE Modified by MITRE 1/15/2020 6:15:12 AM

Action	Type	Old Value	New Value
Added	Reference		https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f@%3Ccommits.druid.apache.org%3E [No Types Assigned]