CVE-2019-10086

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2019-10086
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-10086.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2019-10086
Aliases
Downstream
Related
Published
2019-08-20T21:15:12.057Z
Modified
2026-05-28T04:04:11.718710692Z
Severity
  • 7.3 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
Summary
[none]
Details

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.

Database specific 
{
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "introduced": "1.0"
                },
                {
                    "last_affected": "1.9.3"
                }
            ],
            "cpes": [
                "cpe:2.3:a:apache:commons_beanutils:*:*:*:*:*:*:*:*"
            ],
            "vendor_product": "apache:commons_beanutils",
            "source": "CPE_RANGE"
        },
        {
            "extracted_events": [
                {
                    "fixed": "21.1.2"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:blockchain_platform",
            "source": "CPE_RANGE"
        },
        {
            "extracted_events": [
                {
                    "fixed": "9.2.5.3"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:jd_edwards_enterpriseone_orchestrator",
            "source": "CPE_RANGE"
        },
        {
            "extracted_events": [
                {
                    "fixed": "9.2.5.3"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:jd_edwards_enterpriseone_tools",
            "source": "CPE_RANGE"
        },
        {
            "extracted_events": [
                {
                    "introduced": "16.2.0"
                },
                {
                    "last_affected": "16.2.11"
                },
                {
                    "introduced": "17.12.0"
                },
                {
                    "last_affected": "17.12.6"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:primavera_gateway",
            "source": "CPE_RANGE"
        },
        {
            "extracted_events": [
                {
                    "introduced": "12.2.6"
                },
                {
                    "last_affected": "12.2.11"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:time_and_labor:*:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:time_and_labor",
            "source": "CPE_RANGE"
        },
        {
            "extracted_events": [
                {
                    "introduced": "4.3.0.1.0"
                },
                {
                    "last_affected": "4.3.0.6.0"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:utilities_framework",
            "source": "CPE_RANGE"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "8.0"
                }
            ],
            "cpes": [
                "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "debian:debian_linux",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "30"
                },
                {
                    "last_affected": "31"
                }
            ],
            "cpes": [
                "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
                "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"
            ],
            "vendor_product": "fedoraproject:fedora",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "15.0"
                },
                {
                    "last_affected": "15.1"
                }
            ],
            "cpes": [
                "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"
            ],
            "vendor_product": "opensuse:leap",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "9.3.3"
                },
                {
                    "last_affected": "9.3.5"
                },
                {
                    "last_affected": "9.3.6"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:agile_plm:9.3.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:agile_plm:9.3.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:agile_plm",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "3.5"
                },
                {
                    "last_affected": "3.5"
                },
                {
                    "last_affected": "3.6"
                },
                {
                    "last_affected": "3.6"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:agile_product_lifecycle_management_integration_pack:3.5:*:*:*:*:e-business_suite:*:*",
                "cpe:2.3:a:oracle:agile_product_lifecycle_management_integration_pack:3.5:*:*:*:*:sap:*:*",
                "cpe:2.3:a:oracle:agile_product_lifecycle_management_integration_pack:3.6:*:*:*:*:e-business_suite:*:*",
                "cpe:2.3:a:oracle:agile_product_lifecycle_management_integration_pack:3.6:*:*:*:*:sap:*:*"
            ],
            "vendor_product": "oracle:agile_product_lifecycle_management_integration_pack",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "13.3.0.1"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:application_testing_suite",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "2.4.0"
                },
                {
                    "last_affected": "2.7.1"
                },
                {
                    "last_affected": "2.9.0"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:banking_platform:2.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:banking_platform",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "7.5"
                },
                {
                    "last_affected": "12.0.0.3.0"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:communications_billing_and_revenue_management",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "11.3.0.9"
                },
                {
                    "last_affected": "12.0.0.3"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:11.3.0.9:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:12.0.0.3:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:communications_billing_and_revenue_management_elastic_charging_engine",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "1.4.0"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:communications_cloud_native_core_console:1.4.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:communications_cloud_native_core_console",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "1.9.0"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.9.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:communications_cloud_native_core_policy",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "1.6.0"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.6.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:communications_cloud_native_core_unified_data_repository",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "3.0.2.2.0"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:communications_convergence:3.0.2.2.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:communications_convergence",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "7.3.4"
                },
                {
                    "last_affected": "7.3.5"
                },
                {
                    "last_affected": "7.4.0"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:communications_design_studio:7.3.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:communications_design_studio:7.3.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:communications_design_studio:7.4.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:communications_design_studio",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "7.1"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:communications_evolved_communications_application_server",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "6.3.0"
                },
                {
                    "last_affected": "6.3.1"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:communications_metasolv_solution:6.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:communications_metasolv_solution",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "7.3.6"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:communications_network_integrity",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "10.4.0.3"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:communications_performance_intelligence_center:10.4.0.3:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:communications_performance_intelligence_center",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "12.0.0.3.0"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.3.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:communications_pricing_design_center",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "7.3.4"
                },
                {
                    "last_affected": "7.3.5"
                },
                {
                    "last_affected": "7.4.0"
                },
                {
                    "last_affected": "7.4.1"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:communications_unified_inventory_management",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "18.0"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:customer_management_and_segmentation_foundation",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "13.4.0.0"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.4.0.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:enterprise_manager_for_virtualization",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "2.7"
                },
                {
                    "last_affected": "2.8"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.8:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:financial_services_revenue_management_and_billing_analytics",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "12.0.0"
                },
                {
                    "last_affected": "12.1.0"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:flexcube_private_banking",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "11.1.1.9"
                },
                {
                    "last_affected": "12.2.1.3.0"
                },
                {
                    "last_affected": "12.2.1.4.0"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:fusion_middleware:11.1.1.9:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:fusion_middleware:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:fusion_middleware",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "7.1.5"
                },
                {
                    "last_affected": "7.2.2"
                },
                {
                    "last_affected": "7.3.0"
                },
                {
                    "last_affected": "7.3.1"
                },
                {
                    "last_affected": "8.0.1"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:healthcare_foundation:7.1.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:healthcare_foundation:7.2.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:healthcare_foundation:7.3.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:healthcare_foundation:8.0.1:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:healthcare_foundation",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "5.5"
                },
                {
                    "last_affected": "5.6"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:hospitality_opera_5:5.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:hospitality_opera_5:5.6:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:hospitality_opera_5",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "9.1.0"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:hospitality_reporting_and_analytics:9.1.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:hospitality_reporting_and_analytics",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "1.0.2.3"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:insurance_data_gateway:1.0.2.3:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:insurance_data_gateway",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "9.2.5.3"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2.5.3:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:jd_edwards_enterpriseone_orchestrator",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "9.2.5.3"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.5.3:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:jd_edwards_enterpriseone_tools",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "8.56"
                },
                {
                    "last_affected": "8.57"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:peoplesoft_enterprise_peopletools",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "8.56"
                },
                {
                    "last_affected": "8.57"
                },
                {
                    "last_affected": "8.58"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:peoplesoft_enterprise_pt_peopletools:8.56:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:peoplesoft_enterprise_pt_peopletools:8.57:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:peoplesoft_enterprise_pt_peopletools:8.58:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:peoplesoft_enterprise_pt_peopletools",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "3.2.0.0"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:real-time_decisions_solutions:3.2.0.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:real-time_decisions_solutions",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "14.1"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:retail_advanced_inventory_planning:14.1:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:retail_advanced_inventory_planning",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "14.1"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:retail_back_office",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "14.1"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:retail_central_office:14.1:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:retail_central_office",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "16.0.3"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:retail_invoice_matching:16.0.3:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:retail_invoice_matching",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "5.0.3.1"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:retail_merchandising_system:5.0.3.1:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:retail_merchandising_system",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "14.1"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:retail_point-of-service:14.1:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:retail_point-of-service",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "16.0"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:retail_predictive_application_server:16.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:retail_predictive_application_server",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "14.0"
                },
                {
                    "last_affected": "14.0.1"
                },
                {
                    "last_affected": "15.0"
                },
                {
                    "last_affected": "16.0"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:retail_price_management:14.0.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:retail_price_management:14.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:retail_price_management:15.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:retail_price_management:16.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:retail_price_management",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "14.1"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:retail_returns_management",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "7.1"
                },
                {
                    "last_affected": "15.0"
                },
                {
                    "last_affected": "16.0"
                },
                {
                    "last_affected": "17.0"
                },
                {
                    "last_affected": "18.0"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:retail_xstore_point_of_service",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "11.1.1.9.0"
                },
                {
                    "last_affected": "12.2.1.3.0"
                },
                {
                    "last_affected": "12.2.1.4.0"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:service_bus:11.1.1.9.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:service_bus:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:service_bus:12.2.1.4.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:service_bus",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "4.4"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:solaris_cluster:4.4:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:solaris_cluster",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "4.2.0.2.0"
                },
                {
                    "last_affected": "4.2.0.3.0"
                },
                {
                    "last_affected": "4.4.0.0.0"
                },
                {
                    "last_affected": "4.4.0.2.0"
                },
                {
                    "last_affected": "4.4.0.3.0"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:utilities_framework:4.4.0.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:oracle:utilities_framework:4.4.0.3.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:utilities_framework",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "10.3.6.0.0"
                }
            ],
            "cpes": [
                "cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "oracle:weblogic_server",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "7.0"
                }
            ],
            "cpes": [
                "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "redhat:enterprise_linux_desktop",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "7.7"
                }
            ],
            "cpes": [
                "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*"
            ],
            "vendor_product": "redhat:enterprise_linux_eus",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "7.0"
                }
            ],
            "cpes": [
                "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "redhat:enterprise_linux_server",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "7.7"
                }
            ],
            "cpes": [
                "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*"
            ],
            "vendor_product": "redhat:enterprise_linux_server_aus",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "7.7"
                }
            ],
            "cpes": [
                "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*"
            ],
            "vendor_product": "redhat:enterprise_linux_server_tus",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "7.0"
                }
            ],
            "cpes": [
                "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "redhat:enterprise_linux_workstation",
            "source": "CPE_STRING"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "7.2.0"
                }
            ],
            "cpes": [
                "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*"
            ],
            "vendor_product": "redhat:jboss_enterprise_application_platform",
            "source": "CPE_STRING"
        }
    ]
}
References

Affected packages

Git / github.com/apache/nifi

Affected ranges

Type
GIT
Repo
https://github.com/apache/nifi
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
fcbf1d5f975dd984e34f3a543b9480c779b0dc2f
Last affected
7fdc07cccdc0e23d4986557a9314e36859704a3b
Database specific 
{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.14.0"
        },
        {
            "last_affected": "1.15.0"
        }
    ],
    "cpe": [
        "cpe:2.3:a:apache:nifi:1.14.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:apache:nifi:1.15.0:*:*:*:*:*:*:*"
    ],
    "source": "CPE_STRING"
}

Affected versions

docker/nifi-1.*
docker/nifi-1.2.0
nifi-0.*
nifi-0.2.0-incubating-RC1
nifi-0.4.1
nifi-0.4.1-RC1
nifi-0.6.0
nifi-0.6.0-RC2
nifi-1.*
nifi-1.1.0-RC2
nifi-1.14.0-RC2
nifi-1.15.0-RC3
nifi-1.2.0-RC2
rel/nifi-1.*
rel/nifi-1.1.0
rel/nifi-1.14.0
rel/nifi-1.15.0
rel/nifi-1.2.0

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-10086.json"