CVE-2020-14061: High severity fasterxml jackson-databind vulnerability
Published May 19, 2020
·Updated
A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.5. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Other sources
A vulnerability was found in FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory.
References: https://github.com/FasterXML/jackson-databind/issues/2698 https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062
— Red Hat
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).
Affected Software
317 affected componentsFixes available
redhat/candlepin<0:2.6.16-1.el7
0:2.6.16-1.el7
redhat/foreman<0:1.22.0.39-2.el7
0:1.22.0.39-2.el7
redhat/satellite<0:6.6.3-1.el7
0:6.6.3-1.el7
redhat/tfm-rubygem-fog-ovirt<0:1.2.3-1.el7
0:1.2.3-1.el7
redhat/tfm-rubygem-katello<0:3.12.0.41-1.el7
0:3.12.0.41-1.el7
redhat/tfm-rubygem-runcible<0:2.13.0-1.el7
0:2.13.0-1.el7
redhat/candlepin<0:2.9.28-1.el7
0:2.9.28-1.el7
redhat/foreman<0:1.24.1.24-1.el7
0:1.24.1.24-1.el7
redhat/foreman-installer<1:1.24.1.21-1.el7
1:1.24.1.21-1.el7
redhat/pulp-rpm<0:2.21.0.6-1.el7
0:2.21.0.6-1.el7
redhat/satellite<0:6.7.2-1.el7
0:6.7.2-1.el7
redhat/tfm-rubygem-fog-vsphere<0:3.2.1.1-1.el7
0:3.2.1.1-1.el7
redhat/tfm-rubygem-foreman-tasks<0:0.17.5.6-1.el7
0:0.17.5.6-1.el7
redhat/tfm-rubygem-katello<0:3.14.0.25-1.el7
0:3.14.0.25-1.el7
redhat/ansible-collection-redhat-satellite<0:1.3.0-1.el7
0:1.3.0-1.el7
redhat/ansiblerole-insights-client<0:1.7.1-1.el7
0:1.7.1-1.el7
redhat/ansiblerole-satellite-receptor-installer<0:0.6.13-1.el7
0:0.6.13-1.el7
redhat/ansible-runner<0:1.4.6-1.el7a
0:1.4.6-1.el7a
redhat/candlepin<0:3.1.21-1.el7
0:3.1.21-1.el7
redhat/foreman<0:2.1.2.19-1.el7
0:2.1.2.19-1.el7
redhat/foreman-bootloaders-redhat<0:202005201200-1.el7
0:202005201200-1.el7
redhat/foreman-discovery-image-service<0:1.0.0-3.el7
0:1.0.0-3.el7
redhat/foreman-installer<1:2.1.2.8-1.el7
1:2.1.2.8-1.el7
redhat/foreman-proxy<0:2.1.2-2.el7
0:2.1.2-2.el7
redhat/foreman-selinux<0:2.1.2.3-1.el7
0:2.1.2.3-1.el7
redhat/future<0:0.16.0-11.el7
0:0.16.0-11.el7
redhat/gofer<0:2.12.5-7.el7
0:2.12.5-7.el7
redhat/hfsplus-tools<0:332.14-12.el7
0:332.14-12.el7
redhat/katello<0:3.16.0-1.el7
0:3.16.0-1.el7
redhat/katello-certs-tools<0:2.7.1-1.el7
0:2.7.1-1.el7
redhat/katello-client-bootstrap<0:1.7.5-1.el7
0:1.7.5-1.el7
redhat/katello-selinux<0:3.4.0-1.el7
0:3.4.0-1.el7
redhat/keycloak-httpd-client-install<0:1.2.2-1.el7
0:1.2.2-1.el7
redhat/kobo<0:0.5.1-1.el7
0:0.5.1-1.el7
redhat/libmodulemd<0:1.7.0-1.pulp.el7
0:1.7.0-1.pulp.el7
redhat/libsolv<0:0.7.4-4.pulp.el7
0:0.7.4-4.pulp.el7
redhat/libwebsockets<0:2.4.2-2.el7
0:2.4.2-2.el7
redhat/livecd-tools<1:20.4-1.6.el7
1:20.4-1.6.el7
redhat/ostree<0:2017.1-2.atomic.el7
0:2017.1-2.atomic.el7
redhat/pcp-mmvstatsd<0:0.4-2.el7
0:0.4-2.el7
redhat/pulp<0:2.21.3-1.el7
0:2.21.3-1.el7
redhat/pulp-docker<0:3.2.7-1.el7
0:3.2.7-1.el7
redhat/pulp-katello<0:1.0.3-1.el7
0:1.0.3-1.el7
redhat/pulp-ostree<0:1.3.1-2.el7
0:1.3.1-2.el7
redhat/pulp-puppet<0:2.21.3-2.el7
0:2.21.3-2.el7
redhat/pulp-rpm<0:2.21.3-2.el7
0:2.21.3-2.el7
redhat/puppet-agent<0:6.14.0-2.el7
0:6.14.0-2.el7
redhat/puppet-agent-oauth<0:0.5.1-3.el7
0:0.5.1-3.el7
redhat/puppetlabs-stdlib<0:4.25.1-2.el7
0:4.25.1-2.el7
redhat/puppetserver<0:6.13.0-1.el7
0:6.13.0-1.el7
redhat/pycairo<0:1.16.3-9.el7
0:1.16.3-9.el7
redhat/pygobject3<0:3.28.3-2.el7
0:3.28.3-2.el7
redhat/python-aiohttp<0:3.6.2-4.el7a
0:3.6.2-4.el7a
redhat/python-amqp<0:2.2.2-5.el7
0:2.2.2-5.el7
redhat/python-anyjson<0:0.3.3-11.el7
0:0.3.3-11.el7
redhat/python-apypie<0:0.2.2-1.el7
0:0.2.2-1.el7
redhat/python-async-timeout<0:3.0.1-2.el7a
0:3.0.1-2.el7a
redhat/python-attrs<0:19.3.0-3.el7a
0:19.3.0-3.el7a
redhat/python-billiard<1:3.5.0.3-3.el7
1:3.5.0.3-3.el7
redhat/python-blinker<0:1.3-2.el7
0:1.3-2.el7
redhat/python-celery<0:4.0.2-9.el7
0:4.0.2-9.el7
redhat/python-chardet<0:3.0.4-10.el7a
0:3.0.4-10.el7a
redhat/python-click<0:6.7-9.el7
0:6.7-9.el7
redhat/python-crane<0:3.3.1-9.el7
0:3.3.1-9.el7
redhat/python-daemon<0:2.1.2-7.el7a
0:2.1.2-7.el7a
redhat/python-dateutil<0:2.8.1-2.el7a
0:2.8.1-2.el7a
redhat/python-django<0:1.11.29-1.el7
0:1.11.29-1.el7
redhat/python-flask<1:0.12.2-4.el7
1:0.12.2-4.el7
redhat/python-gnupg<0:0.3.7-1.el7
0:0.3.7-1.el7
redhat/python-idna<0:2.4-2.el7a
0:2.4-2.el7a
redhat/python-idna-ssl<0:1.1.0-2.el7a
0:1.1.0-2.el7a
redhat/python-isodate<0:0.5.4-12.el7
0:0.5.4-12.el7
redhat/python-itsdangerous<0:0.24-15.el7
0:0.24-15.el7
redhat/python-jinja2<0:2.10-10.el7
0:2.10-10.el7
redhat/python-jmespath<0:0.9.0-6.el7_7
0:0.9.0-6.el7_7
redhat/python-kid<0:0.9.6-11.el7
0:0.9.6-11.el7
redhat/python-kombu<10:4.0.2-13.el7
10:4.0.2-13.el7
redhat/python-lockfile<1:0.11.0-10.el7a
1:0.11.0-10.el7a
redhat/python-markupsafe<0:0.23-21.el7
0:0.23-21.el7
redhat/python-mongoengine<0:0.10.5-2.el7
0:0.10.5-2.el7
redhat/python-multidict<0:4.7.4-2.el7a
0:4.7.4-2.el7a
redhat/python-nectar<0:1.6.2-1.el7
0:1.6.2-1.el7
redhat/python-oauth2<0:1.5.211-8.el7
0:1.5.211-8.el7
redhat/python-okaara<0:1.0.37-2.el7
0:1.0.37-2.el7
redhat/python-pexpect<0:4.6-1.el7a
0:4.6-1.el7a
redhat/python-prometheus-client<0:0.7.1-2.el7a
0:0.7.1-2.el7a
redhat/python-psutil<0:5.0.1-3.el7
0:5.0.1-3.el7
redhat/python-ptyprocess<0:0.5.2-3.el7a
0:0.5.2-3.el7a
redhat/python-pycurl<0:7.43.0.2-4.el7
0:7.43.0.2-4.el7
redhat/python-pymongo<0:3.2-2.el7
0:3.2-2.el7
redhat/python-qpid<0:1.35.0-5.el7
0:1.35.0-5.el7
redhat/python-receptor-satellite<0:1.2.0-1.el7
0:1.2.0-1.el7
redhat/python-simplejson<0:3.2.0-1.el7
0:3.2.0-1.el7
redhat/python-six<0:1.11.0-8.el7a
0:1.11.0-8.el7a
redhat/python-twisted<0:16.4.1-12.el7
0:16.4.1-12.el7
redhat/python-typing-extensions<0:3.7.4.1-2.el7a
0:3.7.4.1-2.el7a
redhat/python-vine<10:1.1.3-6.el7
10:1.1.3-6.el7
redhat/python-werkzeug<0:0.12.2-5.el7
0:0.12.2-5.el7
redhat/python-yarl<0:1.4.2-2.el7a
0:1.4.2-2.el7a
redhat/python-zope-interface<0:4.0.5-4.el7
0:4.0.5-4.el7
redhat/qpid-cpp<0:1.36.0-28.el7a
0:1.36.0-28.el7a
redhat/qpid-dispatch<0:1.5.0-4.el7
0:1.5.0-4.el7
redhat/qpid-proton<0:0.28.0-3.el7
0:0.28.0-3.el7
redhat/receptor<0:0.6.3-1.el7a
0:0.6.3-1.el7a
redhat/redhat-access-insights-puppet<0:1.0.1-1.el7
0:1.0.1-1.el7
redhat/repoview<0:0.6.6-11.el7
0:0.6.6-11.el7
redhat/rhel8-kickstart-setup<0:0.0.2-1.el7
0:0.0.2-1.el7
redhat/rh-postgresql12-postgresql-evr<0:0.0.2-1.el7
0:0.0.2-1.el7
redhat/rubygem-facter<0:2.4.1-2.el7
0:2.4.1-2.el7
redhat/rubygem-highline<0:1.7.8-3.el7
0:1.7.8-3.el7
redhat/rubygem-newt<0:0.9.6-3.el7
0:0.9.6-3.el7
redhat/rubygem-oauth<0:0.5.4-2.el7
0:0.5.4-2.el7
redhat/rubygem-passenger<0:4.0.18-24.el7
0:4.0.18-24.el7
redhat/rubygem-rack<1:1.6.12-1.el7
1:1.6.12-1.el7
redhat/rubygem-rake<0:0.9.2.2-41.el7
0:0.9.2.2-41.el7
redhat/saslwrapper<0:0.22-5.el7
0:0.22-5.el7
redhat/satellite<0:6.8.0-1.el7
0:6.8.0-1.el7
redhat/satellite-installer<0:6.8.0.11-1.el7
0:6.8.0.11-1.el7
redhat/tfm<0:6.1-1.el7
0:6.1-1.el7
redhat/tfm-rubygem-actioncable<0:6.0.3.1-1.el7
0:6.0.3.1-1.el7
redhat/tfm-rubygem-actionmailbox<0:6.0.3.1-1.el7
0:6.0.3.1-1.el7
redhat/tfm-rubygem-actionmailer<0:6.0.3.1-1.el7
0:6.0.3.1-1.el7
redhat/tfm-rubygem-actionpack<0:6.0.3.1-1.el7
0:6.0.3.1-1.el7
redhat/tfm-rubygem-actiontext<0:6.0.3.1-1.el7
0:6.0.3.1-1.el7
redhat/tfm-rubygem-actionview<0:6.0.3.1-1.el7
0:6.0.3.1-1.el7
redhat/tfm-rubygem-activejob<0:6.0.3.1-1.el7
0:6.0.3.1-1.el7
redhat/tfm-rubygem-activemodel<0:6.0.3.1-1.el7
0:6.0.3.1-1.el7
redhat/tfm-rubygem-activerecord<0:6.0.3.1-1.el7
0:6.0.3.1-1.el7
redhat/tfm-rubygem-activerecord-import<0:1.0.0-6.el7
0:1.0.0-6.el7
redhat/tfm-rubygem-activestorage<0:6.0.3.1-1.el7
0:6.0.3.1-1.el7
redhat/tfm-rubygem-activesupport<0:6.0.3.1-1.el7
0:6.0.3.1-1.el7
redhat/tfm-rubygem-addressable<0:2.6.0-1.el7
0:2.6.0-1.el7
redhat/tfm-rubygem-algebrick<0:0.7.3-6.el7
0:0.7.3-6.el7
redhat/tfm-rubygem-ancestry<0:3.0.7-1.el7
0:3.0.7-1.el7
redhat/tfm-rubygem-anemone<0:0.7.2-22.el7
0:0.7.2-22.el7
redhat/tfm-rubygem-angular-rails-templates<1:1.1.0-1.el7
1:1.1.0-1.el7
redhat/tfm-rubygem-ansi<0:1.5.0-2.el7
0:1.5.0-2.el7
redhat/tfm-rubygem-apipie-bindings<0:0.3.0-1.el7
0:0.3.0-1.el7
redhat/tfm-rubygem-apipie-dsl<0:2.2.2-2.el7
0:2.2.2-2.el7
redhat/tfm-rubygem-apipie-params<0:0.0.5-5.el7
0:0.0.5-5.el7
redhat/tfm-rubygem-apipie-rails<0:0.5.17-3.el7
0:0.5.17-3.el7
redhat/tfm-rubygem-audited<0:4.9.0-3.el7
0:4.9.0-3.el7
redhat/tfm-rubygem-bcrypt<0:3.1.12-1.el7
0:3.1.12-1.el7
redhat/tfm-rubygem-builder<0:3.2.4-1.el7
0:3.2.4-1.el7
redhat/tfm-rubygem-clamp<0:1.1.2-5.el7
0:1.1.2-5.el7
redhat/tfm-rubygem-coffee-rails<0:5.0.0-1.el7
0:5.0.0-1.el7
redhat/tfm-rubygem-coffee-script<0:2.4.1-4.el7
0:2.4.1-4.el7
redhat/tfm-rubygem-coffee-script-source<0:1.12.2-4.el7
0:1.12.2-4.el7
redhat/tfm-rubygem-concurrent-ruby<1:1.1.6-2.el7
1:1.1.6-2.el7
redhat/tfm-rubygem-concurrent-ruby-edge<1:0.6.0-2.el7
1:0.6.0-2.el7
redhat/tfm-rubygem-crass<0:1.0.6-1.el7
0:1.0.6-1.el7
redhat/tfm-rubygem-daemons<0:1.2.3-7.el7
0:1.2.3-7.el7
redhat/tfm-rubygem-deacon<0:1.0.0-4.el7
0:1.0.0-4.el7
redhat/tfm-rubygem-declarative<0:0.0.10-1.el7
0:0.0.10-1.el7
redhat/tfm-rubygem-declarative-option<0:0.1.0-1.el7
0:0.1.0-1.el7
redhat/tfm-rubygem-deface<0:1.5.3-2.el7
0:1.5.3-2.el7
redhat/tfm-rubygem-diffy<0:3.0.1-6.el7
0:3.0.1-6.el7
redhat/tfm-rubygem-dynflow<0:1.4.7-1.fm2_1.el7
0:1.4.7-1.fm2_1.el7
redhat/tfm-rubygem-erubi<0:1.9.0-1.el7
0:1.9.0-1.el7
redhat/tfm-rubygem-excon<0:0.58.0-3.el7
0:0.58.0-3.el7
redhat/tfm-rubygem-execjs<0:2.7.0-4.el7
0:2.7.0-4.el7
redhat/tfm-rubygem-facter<0:2.4.0-6.el7
0:2.4.0-6.el7
redhat/tfm-rubygem-faraday<0:0.15.4-1.el7
0:0.15.4-1.el7
redhat/tfm-rubygem-ffi<0:1.12.2-1.el7
0:1.12.2-1.el7
redhat/tfm-rubygem-fog-aws<0:3.6.5-1.el7
0:3.6.5-1.el7
redhat/tfm-rubygem-fog-core<0:2.1.0-3.el7
0:2.1.0-3.el7
redhat/tfm-rubygem-fog-google<0:1.8.2-1.el7
0:1.8.2-1.el7
redhat/tfm-rubygem-fog-json<0:1.2.0-3.el7
0:1.2.0-3.el7
redhat/tfm-rubygem-fog-kubevirt<0:1.3.3-1.el7
0:1.3.3-1.el7
redhat/tfm-rubygem-fog-libvirt<0:0.7.0-1.el7
0:0.7.0-1.el7
redhat/tfm-rubygem-fog-openstack<0:1.0.8-2.el7
0:1.0.8-2.el7
redhat/tfm-rubygem-fog-ovirt<0:1.2.5-1.el7
0:1.2.5-1.el7
redhat/tfm-rubygem-fog-vsphere<0:3.3.1-1.el7
0:3.3.1-1.el7
redhat/tfm-rubygem-fog-xml<0:0.1.2-8.el7
0:0.1.2-8.el7
redhat/tfm-rubygem-foreman-tasks<0:2.0.2-1.fm2_1.el7
0:2.0.2-1.fm2_1.el7
redhat/tfm-rubygem-foreman-tasks-core<0:0.3.4-1.el7
0:0.3.4-1.el7
redhat/tfm-rubygem-formatador<0:0.2.1-11.el7
0:0.2.1-11.el7
redhat/tfm-rubygem-fx<0:0.5.0-1.el7
0:0.5.0-1.el7
redhat/tfm-rubygem-gettext<0:3.1.4-10.el7
0:3.1.4-10.el7
redhat/tfm-rubygem-git<0:1.5.0-1.el7
0:1.5.0-1.el7
redhat/tfm-rubygem-gitlab-sidekiq-fetcher<0:0.5.2-2.el7
0:0.5.2-2.el7
redhat/tfm-rubygem-globalid<0:0.4.2-1.el7
0:0.4.2-1.el7
redhat/tfm-rubygem-google-api-client<0:0.23.9-3.el7
0:0.23.9-3.el7
redhat/tfm-rubygem-googleauth<0:0.6.7-3.el7
0:0.6.7-3.el7
redhat/tfm-rubygem-graphql<0:1.8.14-1.el7
0:1.8.14-1.el7
redhat/tfm-rubygem-graphql-batch<0:0.3.10-1.el7
0:0.3.10-1.el7
redhat/tfm-rubygem-gssapi<0:1.2.0-6.el7
0:1.2.0-6.el7
redhat/tfm-rubygem-hashie<0:3.6.0-1.el7
0:3.6.0-1.el7
redhat/tfm-rubygem-highline<0:1.7.8-4.el7
0:1.7.8-4.el7
redhat/tfm-rubygem-http<0:3.3.0-1.el7
0:3.3.0-1.el7
redhat/tfm-rubygem-httpclient<0:2.8.3-1.el7
0:2.8.3-1.el7
redhat/tfm-rubygem-http-cookie<0:1.0.2-5.el7
0:1.0.2-5.el7
redhat/tfm-rubygem-i18n<0:1.8.2-1.el7
0:1.8.2-1.el7
redhat/tfm-rubygem-infoblox<0:3.0.0-3.el7
0:3.0.0-3.el7
redhat/tfm-rubygem-ipaddress<0:0.8.0-11.el7
0:0.8.0-11.el7
redhat/tfm-rubygem-jgrep<0:1.3.3-12.el7
0:1.3.3-12.el7
redhat/tfm-rubygem-journald-logger<0:2.0.4-2.el7
0:2.0.4-2.el7
redhat/tfm-rubygem-journald-native<0:1.0.11-2.el7
0:1.0.11-2.el7
redhat/tfm-rubygem-jwt<0:2.2.1-1.el7
0:2.2.1-1.el7
redhat/tfm-rubygem-kafo<0:4.1.0-3.el7
0:4.1.0-3.el7
redhat/tfm-rubygem-katello<0:3.16.0.11-1.el7
0:3.16.0.11-1.el7
redhat/tfm-rubygem-kubeclient<0:4.3.0-1.el7
0:4.3.0-1.el7
redhat/tfm-rubygem-little-plugger<0:1.1.4-1.el7
0:1.1.4-1.el7
redhat/tfm-rubygem-locale<0:2.0.9-13.el7
0:2.0.9-13.el7
redhat/tfm-rubygem-logging<0:2.2.2-6.el7
0:2.2.2-6.el7
redhat/tfm-rubygem-logging-journald<0:2.0.0-2.el7
0:2.0.0-2.el7
redhat/tfm-rubygem-loofah<0:2.4.0-1.el7
0:2.4.0-1.el7
redhat/tfm-rubygem-mail<0:2.7.1-1.el7
0:2.7.1-1.el7
redhat/tfm-rubygem-marcel<0:0.3.3-1.el7
0:0.3.3-1.el7
redhat/tfm-rubygem-memoist<0:0.16.0-1.el7
0:0.16.0-1.el7
redhat/tfm-rubygem-mimemagic<0:0.3.5-1.el7
0:0.3.5-1.el7
redhat/tfm-rubygem-mime-types<0:3.2.2-4.el7
0:3.2.2-4.el7
redhat/tfm-rubygem-mime-types-data<0:3.2018.0812-4.el7
0:3.2018.0812-4.el7
redhat/tfm-rubygem-multipart-post<0:2.0.0-1.el7
0:2.0.0-1.el7
redhat/tfm-rubygem-mustermann<0:1.0.2-4.el7
0:1.0.2-4.el7
redhat/tfm-rubygem-net-ldap<0:0.16.1-1.el7
0:0.16.1-1.el7
redhat/tfm-rubygem-net-ping<0:2.0.1-3.el7
0:2.0.1-3.el7
redhat/tfm-rubygem-netrc<0:0.11.0-3.el7
0:0.11.0-3.el7
redhat/tfm-rubygem-net-scp<0:1.2.1-3.el7
0:1.2.1-3.el7
redhat/tfm-rubygem-net-ssh<0:4.2.0-1.el7
0:4.2.0-1.el7
redhat/tfm-rubygem-net-ssh-krb<0:0.4.0-3.el7
0:0.4.0-3.el7
redhat/tfm-rubygem-nio4r<0:2.5.2-2.el7
0:2.5.2-2.el7
redhat/tfm-rubygem-nokogiri<0:1.10.9-1.el7
0:1.10.9-1.el7
redhat/tfm-rubygem-oauth<0:0.5.4-3.el7
0:0.5.4-3.el7
redhat/tfm-rubygem-openscap<0:0.4.9-3.el7
0:0.4.9-3.el7
redhat/tfm-rubygem-optimist<0:3.0.0-1.el7
0:3.0.0-1.el7
redhat/tfm-rubygem-os<0:1.0.0-1.el7
0:1.0.0-1.el7
redhat/tfm-rubygem-ovirt-engine-sdk<0:4.2.3-3.el7
0:4.2.3-3.el7
redhat/tfm-rubygem-parse-cron<0:0.1.4-4.el7
0:0.1.4-4.el7
redhat/tfm-rubygem-passenger<0:4.0.18-26.el7
0:4.0.18-26.el7
redhat/tfm-rubygem-pg<0:1.1.4-2.el7
0:1.1.4-2.el7
redhat/tfm-rubygem-polyglot<0:0.3.5-3.el7
0:0.3.5-3.el7
redhat/tfm-rubygem-powerbar<0:2.0.1-2.el7
0:2.0.1-2.el7
redhat/tfm-rubygem-prometheus-client<0:1.0.0-1.el7
0:1.0.0-1.el7
redhat/tfm-rubygem-promise.rb<0:0.7.4-1.el7
0:0.7.4-1.el7
redhat/tfm-rubygem-puma<0:4.3.3-4.el7
0:4.3.3-4.el7
redhat/tfm-rubygem-puma-plugin-systemd<0:0.1.5-1.el7
0:0.1.5-1.el7
redhat/tfm-rubygem-quantile<0:0.2.0-3.el7
0:0.2.0-3.el7
redhat/tfm-rubygem-rabl<0:0.14.3-1.el7
0:0.14.3-1.el7
redhat/tfm-rubygem-rack<0:2.2.3-1.el7
0:2.2.3-1.el7
redhat/tfm-rubygem-rack-cors<0:1.0.2-1.el7
0:1.0.2-1.el7
redhat/tfm-rubygem-rack-jsonp<0:1.3.1-9.el7
0:1.3.1-9.el7
redhat/tfm-rubygem-rack-protection<0:2.0.3-4.el7
0:2.0.3-4.el7
redhat/tfm-rubygem-rack-test<0:1.1.0-4.el7
0:1.1.0-4.el7
redhat/tfm-rubygem-rails<0:6.0.3.1-1.el7
0:6.0.3.1-1.el7
redhat/tfm-rubygem-rails-dom-testing<0:2.0.3-6.el7
0:2.0.3-6.el7
redhat/tfm-rubygem-rails-html-sanitizer<0:1.3.0-1.el7
0:1.3.0-1.el7
redhat/tfm-rubygem-rails-i18n<0:6.0.0-2.el7
0:6.0.0-2.el7
redhat/tfm-rubygem-railties<0:6.0.3.1-1.el7
0:6.0.3.1-1.el7
redhat/tfm-rubygem-rainbow<0:2.2.1-5.el7
0:2.2.1-5.el7
redhat/tfm-rubygem-rb-inotify<0:0.9.7-5.el7
0:0.9.7-5.el7
redhat/tfm-rubygem-rbovirt<0:0.1.7-4.el7
0:0.1.7-4.el7
redhat/tfm-rubygem-rbvmomi<0:2.2.0-3.el7
0:2.2.0-3.el7
redhat/tfm-rubygem-recursive-open-struct<0:1.1.0-1.el7
0:1.1.0-1.el7
redhat/tfm-rubygem-redis<0:4.1.2-2.el7
0:4.1.2-2.el7
redhat/tfm-rubygem-representable<0:3.0.4-1.el7
0:3.0.4-1.el7
redhat/tfm-rubygem-responders<0:3.0.0-3.el7
0:3.0.0-3.el7
redhat/tfm-rubygem-rest-client<0:2.0.2-3.el7
0:2.0.2-3.el7
redhat/tfm-rubygem-retriable<0:3.1.2-1.el7
0:3.1.2-1.el7
redhat/tfm-rubygem-rkerberos<0:0.1.5-18.el7
0:0.1.5-18.el7
redhat/tfm-rubygem-roadie<0:3.4.0-3.el7
0:3.4.0-3.el7
redhat/tfm-rubygem-roadie-rails<0:2.1.1-2.el7
0:2.1.1-2.el7
redhat/tfm-rubygem-robotex<0:1.0.0-21.el7
0:1.0.0-21.el7
redhat/tfm-rubygem-rsec<0:0.4.3-4.el7
0:0.4.3-4.el7
redhat/tfm-rubygem-ruby2ruby<0:2.4.2-3.el7
0:2.4.2-3.el7
redhat/tfm-rubygem-rubyipmi<0:0.10.0-6.el7
0:0.10.0-6.el7
redhat/tfm-rubygem-ruby-libvirt<0:0.7.0-4.el7
0:0.7.0-4.el7
redhat/tfm-rubygem-runcible<0:2.13.0-2.el7
0:2.13.0-2.el7
redhat/tfm-rubygem-safemode<0:1.3.5-2.el7
0:1.3.5-2.el7
redhat/tfm-rubygem-sequel<0:5.7.1-2.el7
0:5.7.1-2.el7
redhat/tfm-rubygem-sidekiq<0:5.2.7-3.el7
0:5.2.7-3.el7
redhat/tfm-rubygem-signet<0:0.11.0-3.el7
0:0.11.0-3.el7
redhat/tfm-rubygem-sinatra<0:2.0.3-4.el7
0:2.0.3-4.el7
redhat/tfm-rubygem-sprockets<0:3.7.2-6.el7
0:3.7.2-6.el7
redhat/tfm-rubygem-sprockets-rails<0:3.2.1-6.el7
0:3.2.1-6.el7
redhat/tfm-rubygem-sqlite3<0:1.3.13-5.el7
0:1.3.13-5.el7
redhat/tfm-rubygem-sshkey<0:1.9.0-3.el7
0:1.9.0-3.el7
redhat/tfm-rubygem-statsd-instrument<0:2.1.4-2.el7
0:2.1.4-2.el7
redhat/tfm-rubygem-stomp<0:1.4.9-1.el7
0:1.4.9-1.el7
redhat/tfm-rubygem-text<0:1.3.0-7.el7
0:1.3.0-7.el7
redhat/tfm-rubygem-thor<0:1.0.1-2.el7
0:1.0.1-2.el7
redhat/tfm-rubygem-tilt<0:2.0.8-4.el7
0:2.0.8-4.el7
redhat/tfm-rubygem-timeliness<0:0.3.10-1.el7
0:0.3.10-1.el7
redhat/tfm-rubygem-tzinfo<0:1.2.6-1.el7
0:1.2.6-1.el7
redhat/tfm-rubygem-uber<0:0.1.0-1.el7
0:0.1.0-1.el7
redhat/tfm-rubygem-unf<0:0.1.3-7.el7
0:0.1.3-7.el7
redhat/tfm-rubygem-unicode<0:0.4.4.4-1.el7
0:0.4.4.4-1.el7
redhat/tfm-rubygem-webpack-rails<0:0.9.8-6.el7
0:0.9.8-6.el7
redhat/tfm-rubygem-websocket-driver<0:0.7.1-1.el7
0:0.7.1-1.el7
redhat/tfm-rubygem-websocket-extensions<0:0.1.5-1.el7
0:0.1.5-1.el7
redhat/tfm-rubygem-x-editable-rails<0:1.5.5-5.el7
0:1.5.5-5.el7
redhat/tfm-rubygem-xmlrpc<0:0.3.0-2.el7
0:0.3.0-2.el7
redhat/tfm-rubygem-zeitwerk<0:2.2.2-1.el7
0:2.2.2-1.el7
fasterxml jackson-databind>=2.9.0<2.9.10.5
NetApp Active Iq Unified Manager Linux>=7.3
NetApp Active Iq Unified Manager Windows>=7.3
NetApp Active Iq Unified Manager Vmware Vsphere>=9.5
NetApp Steelstore Cloud Integrated Storage
Debian Debian Linux=8.0
Oracle Agile PLM=9.3.6
Oracle Autovue For Agile Product Lifecycle Management=21.0.2
Oracle Banking Digital Experience=18.1
Oracle Banking Digital Experience=18.2
Oracle Banking Digital Experience=18.3
Oracle Banking Digital Experience=19.1
Oracle Banking Digital Experience=19.2
Oracle Banking Digital Experience=20.1
Oracle Communications Calendar Server=8.0.0.4.0
Oracle Communications Contacts Server=8.0.0.5.0
Oracle Communications Diameter Signaling Router>=8.0.0<=8.2.2
Oracle Communications Element Manager>=8.2.0<=8.2.2
Oracle Communications Evolved Communications Application Server=7.1
Oracle Communications Instant Messaging Server=10.0.1.4.0
Oracle Communications Session Report Manager>=8.2.0<=8.2.2
Oracle Communications Session Route Manager>=8.2.0<=8.2.2
redhat/jackson-databind<2.9.10.5
2.9.10.5
IBM InfoSphere Data Architect<=9.2.1
Remediation
Patch Available
Information
The following conditions are needed for an exploit, we recommend avoiding all if possible:
* Deserialization from sources you do not control
* enableDefaultTyping()
* @JsonTypeInfo using id.CLASS or id.MINIMAL_CLASS
* oracle.jms.AQjms*ConnectionFactory in classpath
Event History
May 19, 2020
CVE Published
12:00 AM
Jun 14, 2020
CVE Published
via MITRE·07:42 PM
Data Sourced
via MITRE·07:42 PM
Description
Data Sourced
via NVD·08:15 PM
RemedyDescriptionSeverityWeaknessAffected Software
Jun 19, 2020
Data Sourced
via Red Hat·12:05 PM
DescriptionSeverityAffected Software
Mar 4, 2026
Data Sourced
via IBM·12:00 AM
DescriptionAffected Software
Parent advisories
This vulnerability appears in the following advisories.
Frequently Asked Questions
1
What is the severity of CVE-2020-14061?
The severity of CVE-2020-14061 is considered high due to its potential impact on data confidentiality, integrity, and system availability.
2
How do I fix CVE-2020-14061?
To fix CVE-2020-14061, upgrade your jackson-databind library to version 2.9.10.5 or higher.
3
Which versions of jackson-databind are affected by CVE-2020-14061?
CVE-2020-14061 affects all versions of jackson-databind prior to 2.9.10.5.
4
Are there any workarounds for CVE-2020-14061?
The most effective workaround for CVE-2020-14061 is to update the affected library to the latest version.
5
What products are affected by CVE-2020-14061?
Products affected by CVE-2020-14061 include applications that utilize the jackson-databind library versions prior to 2.9.10.5.