18.8.8

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-01	CVE-2019-16943	Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. network low complexity fasterxml debian fedoraproject redhat oracle netapp CWE-502 critical	9.8
2019-10-01	CVE-2019-16942	Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. network low complexity fasterxml debian fedoraproject redhat netapp oracle CWE-502 critical	9.8
2019-08-30	CVE-2019-12402	Infinite Loop vulnerability in multiple products The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. network low complexity apache fedoraproject oracle CWE-835	7.5
2019-04-20	CVE-2019-11358	jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. network low complexity jquery debian drupal backdropcms fedoraproject opensuse netapp redhat oracle joomla juniper	6.1