[Git][security-tracker-team/security-tracker][master] Add CVE-2019-16335/jackson-databind
Salvatore Bonaccorso
carnil at debian.org
Mon Sep 16 14:06:48 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d021ba38 by Salvatore Bonaccorso at 2019-09-16T13:06:18Z
Add CVE-2019-16335/jackson-databind
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13,7 +13,9 @@ CVE-2019-16337
CVE-2019-16336
RESERVED
CVE-2019-16335 (A Polymorphic Typing issue was discovered in FasterXML jackson-databin ...)
- TODO: check
+ - jackson-databind <unfixed>
+ NOTE: https://github.com/FasterXML/jackson-databind/issues/2449
+ NOTE: https://github.com/FasterXML/jackson-databind/commit/73c1c2cc76e6cdd7f3a5615cbe3207fe96e4d3db
CVE-2019-16334 (In Bludit v3.9.2, there is a persistent XSS vulnerability in the Categ ...)
NOT-FOR-US: Bludit
CVE-2019-16333 (GetSimple CMS v3.3.15 has Persistent Cross-Site Scripting (XSS) in adm ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d021ba38c5092aba99476c35149feff0a9408b98
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d021ba38c5092aba99476c35149feff0a9408b98
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190916/c09783dd/attachment.html>
More information about the debian-security-tracker-commits
mailing list