Description

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.

Remediation

References

CVE-2019-16335

Related Vulnerabilities

PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-1903)

WordPress Plugin FlightLog SQL Injection (3.0.2)

osCommerce Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2002-2019)

Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-14998)

TCExam Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-4237)

Severity

Critical

Classification

CVE-2019-16335 CWE-502 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities