Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-10219

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

Security Impact Summary

This vulnerability carries a MEDIUM severity rating with a CVSS v3.1 score of 6.1, indicating it can be exploited remotely over the network with relatively low complexity though user interaction is required and does not require pre-existing privileges . The vulnerability impacts limited data confidentiality, limited integrity, for affected systems. Impacting 195 products from redhat, from redhat, from redhat and 192 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

First disclosed in 2019, this vulnerability was reported during a period defined by widespread IoT adoption challenges, mobile security concerns, and the emergence of advanced persistent threat (APT) techniques. Contemporary mitigation strategies focused on secure development practices and third-party component vetting.

Published

2019-11-08T15:15:11.157

Last Modified

2025-07-07T14:15:21.437

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.1 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

8.6

Impact Score

2.9

Weaknesses

Type: Secondary
CWE-79
Type: Secondary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	redhat	hibernate_validator	< 6.0.18	Yes
Application	redhat	hibernate_validator	6.1.0	Yes
Application	redhat	hibernate_validator	6.1.0	Yes
Application	redhat	hibernate_validator	6.1.0	Yes
Application	redhat	hibernate_validator	6.1.0	Yes
Application	redhat	hibernate_validator	6.1.0	Yes
Application	redhat	hibernate_validator	6.1.0	Yes
Application	redhat	fuse	1.0	Yes
Application	redhat	jboss_data_grid	-	Yes
Application	redhat	jboss_enterprise_application_platform	-	Yes
Application	redhat	openshift_application_runtimes	-	Yes
Application	redhat	single_sign-on	-	Yes
Application	redhat	jboss_enterprise_application_platform	7.2	Yes
Application	redhat	jboss_enterprise_application_platform	7.3	Yes
Operating System	redhat	enterprise_linux	6.0	No
Application	netapp	active_iq_unified_manager	-	Yes
Application	netapp	active_iq_unified_manager	-	Yes
Application	netapp	active_iq_unified_manager	-	Yes
Application	netapp	management_services_for_element_software_and_netapp_hci	-	Yes
Application	netapp	snapcenter_plug-in	-	Yes
Operating System	netapp	element	-	Yes
Application	oracle	access_manager	11.1.2.3.0	Yes
Application	oracle	access_manager	12.2.1.3.0	Yes
Application	oracle	access_manager	12.2.1.4.0	Yes
Application	oracle	agile_engineering_data_management	6.2.1.0	Yes
Application	oracle	agile_plm	9.3.3	Yes
Application	oracle	agile_plm	9.3.6	Yes
Application	oracle	agile_product_lifecycle_analytics	3.6.1	Yes
Application	oracle	agile_product_lifecycle_management_integration_pack	3.6	Yes
Application	oracle	airlines_data_model	12.1.1.0.0	Yes
Application	oracle	airlines_data_model	12.2.0.1.0	Yes
Application	oracle	application_express	21.1.4	Yes
Application	oracle	application_performance_management	13.4.1.0	Yes
Application	oracle	application_performance_management	13.5.1.0	Yes
Application	oracle	application_testing_suite	13.3.0.1	Yes
Application	oracle	argus_analytics	8.2.1	Yes
Application	oracle	argus_analytics	8.2.2	Yes
Application	oracle	argus_analytics	8.2.3	Yes
Application	oracle	argus_analytics	8.21	Yes
Application	oracle	argus_insight	8.2.1	Yes
Application	oracle	argus_insight	8.2.2	Yes
Application	oracle	argus_insight	8.2.3	Yes
Application	oracle	argus_safety	8.2.1	Yes
Application	oracle	argus_safety	8.2.2	Yes
Application	oracle	argus_safety	8.2.3	Yes
Application	oracle	banking_apis	18.1	Yes
Application	oracle	banking_apis	18.2	Yes
Application	oracle	banking_apis	18.3	Yes
Application	oracle	banking_apis	19.1	Yes
Application	oracle	banking_apis	19.2	Yes
Application	oracle	banking_apis	20.1	Yes
Application	oracle	banking_apis	21.1	Yes
Application	oracle	banking_deposits_and_lines_of_credit_servicing	2.12.0	Yes
Application	oracle	banking_digital_experience	17.2	Yes
Application	oracle	banking_digital_experience	18.1	Yes
Application	oracle	banking_digital_experience	18.3	Yes
Application	oracle	banking_digital_experience	19.1	Yes
Application	oracle	banking_digital_experience	19.2	Yes
Application	oracle	banking_digital_experience	20.1	Yes
Application	oracle	banking_digital_experience	21.1	Yes
Application	oracle	banking_enterprise_default_management	2.6.2	Yes
Application	oracle	banking_enterprise_default_management	2.7.0	Yes
Application	oracle	banking_enterprise_default_management	2.7.1	Yes
Application	oracle	banking_enterprise_default_management	2.10.0	Yes
Application	oracle	banking_enterprise_default_management	2.12.0	Yes
Application	oracle	banking_enterprise_default_managment	≤ 2.4.0	Yes
Application	oracle	banking_loans_servicing	2.12.0	Yes
Application	oracle	banking_party_management	2.7.0	Yes
Application	oracle	banking_platform	≤ 2.4.1	Yes
Application	oracle	banking_platform	2.6.2	Yes
Application	oracle	banking_platform	2.7.0	Yes
Application	oracle	banking_platform	2.7.1	Yes
Application	oracle	bi_publisher	5.5.0.0.0	Yes
Application	oracle	bi_publisher	11.1.1.9.0	Yes
Application	oracle	bi_publisher	12.2.1.3.0	Yes
Application	oracle	bi_publisher	12.2.1.4.0	Yes
Application	oracle	big_data_spatial_and_graph	23.1	Yes
Application	oracle	business_activity_monitoring	12.2.1.4.0	Yes
Application	oracle	business_intelligence	5.5.0.0.0	Yes
Application	oracle	business_intelligence	5.9.0.0.0	Yes
Application	oracle	business_intelligence	12.2.1.3.0	Yes
Application	oracle	business_intelligence	12.2.1.4.0	Yes
Application	oracle	business_process_management_suite	12.2.1.3.0	Yes
Application	oracle	business_process_management_suite	12.2.1.4.0	Yes
Application	oracle	clinical	5.2.1	Yes
Application	oracle	clinical	5.2.2	Yes
Application	oracle	commerce_guided_search	11.3.2	Yes
Application	oracle	commerce_platform	≤ 11.3.2	Yes
Application	oracle	communications_application_session_controller	3.9.0	Yes
Application	oracle	communications_billing_and_revenue_management	12.0.0.3	Yes
Application	oracle	communications_billing_and_revenue_management	12.0.0.4	Yes
Application	oracle	communications_billing_and_revenue_management_elastic_charging_engine	11.3	Yes
Application	oracle	communications_billing_and_revenue_management_elastic_charging_engine	12.0	Yes
Application	oracle	communications_calendar_server	8.0.0.5.0	Yes
Application	oracle	communications_calendar_server	8.0.0.6.0	Yes
Application	oracle	communications_cloud_native_core_automated_test_suite	1.8.0	Yes
Application	oracle	communications_cloud_native_core_binding_support_function	1.9.0	Yes
Application	oracle	communications_cloud_native_core_binding_support_function	1.10.0	Yes
Application	oracle	communications_cloud_native_core_console	1.7.0	Yes
Application	oracle	communications_cloud_native_core_network_function_cloud_native_environment	1.9.0	Yes
Application	oracle	communications_cloud_native_core_network_repository_function	1.14.0	Yes
Application	oracle	communications_cloud_native_core_policy	1.14.0	Yes
Application	oracle	communications_cloud_native_core_security_edge_protection_proxy	1.5.0	Yes
Application	oracle	communications_cloud_native_core_security_edge_protection_proxy	1.6.0	Yes
Application	oracle	communications_cloud_native_core_security_edge_protection_proxy	1.15.0	Yes
Application	oracle	communications_cloud_native_core_service_communication_proxy	1.14.0	Yes
Application	oracle	communications_cloud_native_core_unified_data_repository	1.14.0	Yes
Application	oracle	communications_contacts_server	8.0.0.3.0	Yes
Application	oracle	communications_converged_application_server_-_service_controller	6.2	Yes
Application	oracle	communications_convergence	3.0.2.2.0	Yes
Application	oracle	communications_convergent_charging_controller	≤ 12.0.4.0.0	Yes
Application	oracle	communications_convergent_charging_controller	6.0.1.0.0	Yes
Application	oracle	communications_data_model	11.3.2.1.0	Yes
Application	oracle	communications_data_model	11.3.2.2.0	Yes
Application	oracle	communications_data_model	11.3.2.3.0	Yes
Application	oracle	communications_data_model	12.1.0.1.0	Yes
Application	oracle	communications_data_model	12.1.2.0.0	Yes
Application	oracle	communications_design_studio	7.3.4	Yes
Application	oracle	communications_design_studio	7.3.5	Yes
Application	oracle	communications_design_studio	7.4.0	Yes
Application	oracle	communications_design_studio	7.4.1	Yes
Application	oracle	communications_design_studio	7.4.2	Yes
Application	oracle	communications_diameter_signaling_route	≤ 8.5.1.0	Yes
Application	oracle	communications_eagle_application_processor	≤ 16.4	Yes
Application	oracle	communications_instant_messaging_server	10.0.1.5.0	Yes
Application	oracle	communications_interactive_session_recorder	6.3	Yes
Application	oracle	communications_interactive_session_recorder	6.4	Yes
Application	oracle	communications_messaging_server	8.1	Yes
Application	oracle	communications_metasolv_solution	6.3.1	Yes
Application	oracle	communications_network_charging_and_control	≤ 12.0.4.0.0	Yes
Application	oracle	communications_network_charging_and_control	6.0.1.0.0	Yes
Application	oracle	communications_network_integrity	7.3.5	Yes
Application	oracle	communications_network_integrity	7.3.6	Yes
Application	oracle	communications_offline_mediation_controller	12.0.0.3	Yes
Application	oracle	communications_operations_monitor	3.4	Yes
Application	oracle	communications_operations_monitor	4.2	Yes
Application	oracle	communications_operations_monitor	4.3	Yes
Application	oracle	communications_operations_monitor	4.4	Yes
Application	oracle	communications_operations_monitor	5.0	Yes
Application	oracle	communications_pricing_design_center	12.0.0.3.0	Yes
Application	oracle	communications_pricing_design_center	12.0.0.4.0	Yes
Application	oracle	communications_service_broker	6.2	Yes
Application	oracle	communications_services_gatekeeper	7.0	Yes
Application	oracle	communications_session_border_controller	8.2	Yes
Application	oracle	communications_session_border_controller	8.3	Yes
Application	oracle	communications_session_border_controller	8.4	Yes
Application	oracle	communications_session_border_controller	9.0	Yes
Application	oracle	communications_unified_inventory_management	7.3.0	Yes
Application	oracle	communications_unified_inventory_management	7.3.4	Yes
Application	oracle	communications_unified_inventory_management	7.3.5	Yes
Application	oracle	communications_unified_inventory_management	7.4.0	Yes
Application	oracle	communications_unified_inventory_management	7.4.1	Yes
Application	oracle	communications_unified_inventory_management	7.4.2	Yes
Application	oracle	communications_unified_inventory_management	7.5.0	Yes
Application	oracle	communications_webrtc_session_controller	7.2.0	Yes
Application	oracle	communications_webrtc_session_controller	7.2.1	Yes
Application	oracle	data_integrator	12.2.1.3.0	Yes
Application	oracle	data_integrator	12.2.1.4.0	Yes
Application	oracle	database_server	12.1.0.1	Yes
Application	oracle	database_server	12.1.0.2	Yes
Application	oracle	database_server	19c	Yes
Application	oracle	database_server	21c	Yes
Application	oracle	demantra_demand_management	≤ 12.2.11	Yes
Application	oracle	documaker	≤ 12.6.4	Yes
Application	oracle	e-business_suite	≤ 12.2.11	Yes
Application	oracle	enterprise_communications_broker	3.3	Yes
Application	oracle	enterprise_data_quality	12.2.1.3.0	Yes
Application	oracle	enterprise_data_quality	12.2.1.4.0	Yes
Application	oracle	enterprise_manager_base_platform	13.4.0.0	Yes
Application	oracle	enterprise_manager_base_platform	13.5.0.0	Yes
Application	oracle	enterprise_manager_ops_center	12.4.0.0	Yes
Application	oracle	enterprise_session_border_controller	8.4	Yes
Application	oracle	enterprise_session_border_controller	9.0	Yes
Application	oracle	essbase	< 11.1.2.4.47	Yes
Application	oracle	essbase	< 21.3	Yes
Application	oracle	essbase	11.1.2.4.47	Yes
Application	oracle	essbase_administration_services	< 11.1.2.4.47	Yes
Application	oracle	essbase_administration_services	11.1.2.4.47	Yes
Application	oracle	financial_services_analytical_applications_infrastructure	≤ 8.1.1	Yes
Application	oracle	financial_services_analytical_applications_infrastructure	7.3.3	Yes
Application	oracle	financial_services_behavior_detection_platform	8.0.7	Yes
Application	oracle	financial_services_behavior_detection_platform	8.0.8	Yes
Application	oracle	financial_services_behavior_detection_platform	8.0.11	Yes
Application	oracle	financial_services_enterprise_case_management	8.0.7	Yes
Application	oracle	financial_services_enterprise_case_management	8.0.8	Yes
Application	oracle	financial_services_enterprise_case_management	8.0.11	Yes
Application	oracle	financial_services_foreign_account_tax_compliance_act_management	8.0.7	Yes
Application	oracle	financial_services_foreign_account_tax_compliance_act_management	8.0.8	Yes
Application	oracle	financial_services_foreign_account_tax_compliance_act_management	8.0.11	Yes
Application	oracle	financial_services_model_management_and_governance	≤ 8.1.1	Yes
Application	oracle	financial_services_trade-based_anti_money_laundering	8.0.7	Yes
Application	oracle	financial_services_trade-based_anti_money_laundering	8.0.8	Yes
Application	oracle	flexcube_investor_servicing	12.0.4	Yes
Application	oracle	flexcube_investor_servicing	12.1.0	Yes
Application	oracle	flexcube_investor_servicing	12.3.0	Yes
Application	oracle	flexcube_investor_servicing	12.4.0	Yes
Application	oracle	flexcube_investor_servicing	14.4.0	Yes
Application	oracle	flexcube_investor_servicing	14.5.0	Yes
Application	oracle	flexcube_private_banking	12.0.0	Yes
Application	oracle	flexcube_private_banking	12.1.0	Yes
Application	oracle	fusion_middleware	12.2.1.3.0	Yes
Application	oracle	fusion_middleware	12.2.1.4.0	Yes
Application	oracle	fusion_middleware_mapviewer	12.2.1.4.0	Yes
Application	oracle	goldengate	< 12.3.0.1	Yes
Application	oracle	goldengate	< 19.1.0.0.220118	Yes
Application	oracle	goldengate	< 21.5.0.0.220118	Yes
Application	oracle	goldengate_application_adapters	19.1.0.0.0	Yes
Application	oracle	graalvm	20.3.4	Yes
Application	oracle	graalvm	21.3.0	Yes
Application	oracle	graph_server_and_client	< 21.4	Yes
Application	oracle	health_sciences_clinical_development_analytics	4.0.1	Yes
Application	oracle	health_sciences_inform_crf_submit	6.2.1	Yes
Application	oracle	health_sciences_information_manager	3.0.2	Yes
Application	oracle	health_sciences_information_manager	3.0.3	Yes
Application	oracle	healthcare_data_repository	7.0.2	Yes
Application	oracle	healthcare_data_repository	8.1.0	Yes
Application	oracle	healthcare_data_repository	8.1.1	Yes
Application	oracle	healthcare_foundation	≤ 7.3.0.2	Yes
Application	oracle	healthcare_foundation	≤ 8.0.2	Yes
Application	oracle	healthcare_foundation	8.1.0	Yes
Application	oracle	healthcare_foundation	8.1.1	Yes
Application	oracle	healthcare_translational_research	4.1.0	Yes
Application	oracle	hospitality_cruise_shipboard_property_management_system	20.1.0	Yes
Application	oracle	hospitality_opera_5_property_services	5.6	Yes
Application	oracle	hospitality_reporting_and_analytics	9.1.0	Yes
Application	oracle	hospitality_suite8	8.10.2	Yes
Application	oracle	hospitality_suite8	8.11.0	Yes
Application	oracle	hospitality_suite8	8.12.0	Yes
Application	oracle	hospitality_suite8	8.13.0	Yes
Application	oracle	hospitality_suite8	8.14.0	Yes
Application	oracle	http_server	12.2.1.3.0	Yes
Application	oracle	http_server	12.2.1.4.0	Yes
Application	oracle	hyperion_financial_management	11.1.2.4	Yes
Application	oracle	hyperion_financial_management	11.2.6.0	Yes
Application	oracle	hyperion_ilearning	6.2	Yes
Application	oracle	hyperion_ilearning	6.3	Yes
Application	oracle	hyperion_infrastructure_technology	11.2.7.0	Yes
Application	oracle	instantis_enterprisetrack	17.1	Yes
Application	oracle	instantis_enterprisetrack	17.2	Yes
Application	oracle	instantis_enterprisetrack	17.3	Yes
Application	oracle	insurance_data_gateway	11.0.2	Yes
Application	oracle	insurance_data_gateway	11.1.0	Yes
Application	oracle	insurance_data_gateway	11.2.7	Yes
Application	oracle	insurance_data_gateway	11.3.0	Yes
Application	oracle	insurance_data_gateway	11.3.1	Yes
Application	oracle	insurance_insbridge_rating_and_underwriting	≤ 5.6.0	Yes
Application	oracle	insurance_insbridge_rating_and_underwriting	5.2.0	Yes
Application	oracle	insurance_policy_administration	11.0.2	Yes
Application	oracle	insurance_policy_administration	11.1.0	Yes
Application	oracle	insurance_policy_administration	11.2.7	Yes
Application	oracle	insurance_policy_administration	11.3.0	Yes
Application	oracle	insurance_policy_administration	11.3.1	Yes
Application	oracle	insurance_policy_administration_j2ee	≤ 11.3.0	Yes
Application	oracle	insurance_policy_administration_j2ee	10.2.0	Yes
Application	oracle	insurance_policy_administration_j2ee	10.2.4	Yes
Application	oracle	insurance_policy_administration_j2ee	11.0.2	Yes
Application	oracle	insurance_rules_palette	≤ 11.3.0	Yes
Application	oracle	insurance_rules_palette	10.2.0	Yes
Application	oracle	insurance_rules_palette	10.2.4	Yes
Application	oracle	insurance_rules_palette	11.0.2	Yes
Application	oracle	insurance_rules_palette	11.3.1	Yes
Application	oracle	java_se	7u321	Yes
Application	oracle	java_se	8u311	Yes
Application	oracle	java_se	17.1	Yes
Application	oracle	jd_edwards_enterpriseone_orchestrator	< 9.2.6.1	Yes
Application	oracle	jdk	11.0.13	Yes
Application	oracle	managed_file_transfer	12.2.1.3.0	Yes
Application	oracle	managed_file_transfer	12.2.1.4.0	Yes
Application	oracle	mysql_cluster	< 7.4.34	Yes
Application	oracle	mysql_cluster	< 7.5.24	Yes
Application	oracle	mysql_cluster	< 7.6.20	Yes
Application	oracle	mysql_cluster	< 8.0.27	Yes
Application	oracle	mysql_connectors	< 8.0.27	Yes
Application	oracle	mysql_connectors	8.0.27	Yes
Application	oracle	mysql_server	< 5.7.36	Yes
Application	oracle	mysql_server	< 8.0.27	Yes
Application	oracle	mysql_server	5.7.36	Yes
Application	oracle	mysql_workbench	< 8.0.27	Yes
Application	oracle	nosql_database	< 21.1.12	Yes
Application	oracle	oss_support_tools	< 2.12.42	Yes
Application	oracle	peoplesoft_enterprise_cs_sa_integration_pack	9.0	Yes
Application	oracle	peoplesoft_enterprise_cs_sa_integration_pack	9.2	Yes
Application	oracle	peoplesoft_enterprise_people_tools	8.57	Yes
Application	oracle	peoplesoft_enterprise_people_tools	8.58	Yes
Application	oracle	peoplesoft_enterprise_people_tools	8.59	Yes
Application	oracle	peoplesoft_enterprise_peopletools	8.57	Yes
Application	oracle	peoplesoft_enterprise_peopletools	8.58	Yes
Application	oracle	policy_automation	≤ 12.2.24	Yes
Application	oracle	policy_automation	10.4.7	Yes
Application	oracle	primavera_analytics	18.8.3.3	Yes
Application	oracle	primavera_analytics	19.12.11.1	Yes
Application	oracle	primavera_analytics	20.12.12.0	Yes
Application	oracle	primavera_data_warehouse	18.8.3.3	Yes
Application	oracle	primavera_data_warehouse	19.12.11.1	Yes
Application	oracle	primavera_data_warehouse	20.12.12.0	Yes
Application	oracle	primavera_gateway	≤ 17.12.11	Yes
Application	oracle	primavera_gateway	≤ 18.8.13	Yes
Application	oracle	primavera_gateway	≤ 19.12.12	Yes
Application	oracle	primavera_gateway	≤ 20.12.7	Yes
Application	oracle	primavera_gateway	21.12.0	Yes
Application	oracle	primavera_p6_enterprise_project_portfolio_management	≤ 17.12.0.0-17.12.20.0	Yes
Application	oracle	primavera_p6_enterprise_project_portfolio_management	≤ 18.8.24.0	Yes
Application	oracle	primavera_p6_enterprise_project_portfolio_management	≤ 19.12.18.0	Yes
Application	oracle	primavera_p6_enterprise_project_portfolio_management	≤ 20.12.12.0	Yes
Application	oracle	primavera_p6_enterprise_project_portfolio_management	21.12.0.0	Yes
Application	oracle	primavera_p6_professional_project_management	≤ 17.12.20.0	Yes
Application	oracle	primavera_p6_professional_project_management	≤ 18.8.24.0	Yes
Application	oracle	primavera_p6_professional_project_management	≤ 19.12.17.0	Yes
Application	oracle	primavera_p6_professional_project_management	≤ 20.12.9.0	Yes
Application	oracle	primavera_portfolio_management	≤ 18.0.3.0	Yes
Application	oracle	primavera_portfolio_management	≤ 19.0.1.2	Yes
Application	oracle	primavera_portfolio_management	20.0.0.0	Yes
Application	oracle	primavera_portfolio_management	20.0.0.1	Yes
Application	oracle	primavera_unifier	≤ 17.12	Yes
Application	oracle	primavera_unifier	18.8	Yes
Application	oracle	primavera_unifier	19.12	Yes
Application	oracle	primavera_unifier	20.12	Yes
Application	oracle	primavera_unifier	21.12	Yes
Application	oracle	rapid_planning	≤ 12.2.11	Yes
Application	oracle	real-time_decision_server	3.2.0.0	Yes
Application	oracle	real_user_experience_insight	13.4.1.0	Yes
Application	oracle	real_user_experience_insight	13.5.1.0	Yes
Application	oracle	rest_data_services	21.2.4	Yes
Application	oracle	retail_allocation	14.1.3.2	Yes
Application	oracle	retail_allocation	15.0.3.1	Yes
Application	oracle	retail_allocation	16.0.3	Yes
Application	oracle	retail_allocation	19.0.1	Yes
Application	oracle	retail_analytics	≤ 16.0.2	Yes
Application	oracle	retail_assortment_planning	16.0.3	Yes
Application	oracle	retail_back_office	14.1	Yes
Application	oracle	retail_central_office	14.1	Yes
Application	oracle	retail_customer_insights	≤ 16.0.2	Yes
Application	oracle	retail_customer_management_and_segmentation_foundation	≤ 19.0	Yes
Application	oracle	retail_eftlink	16.0.3	Yes
Application	oracle	retail_eftlink	17.0.2	Yes
Application	oracle	retail_eftlink	18.0.1	Yes
Application	oracle	retail_eftlink	19.0.1	Yes
Application	oracle	retail_eftlink	20.0.1	Yes
Application	oracle	retail_extract_transform_and_load	13.2.8	Yes
Application	oracle	retail_financial_integration	14.1.3.2	Yes
Application	oracle	retail_financial_integration	15.0.3.1	Yes
Application	oracle	retail_financial_integration	16.0.3	Yes
Application	oracle	retail_financial_integration	19.0.1	Yes
Application	oracle	retail_fiscal_management	14.2	Yes
Application	oracle	retail_integration_bus	≤ 16.0.3	Yes
Application	oracle	retail_integration_bus	13.0	Yes
Application	oracle	retail_integration_bus	14.1.3.0	Yes
Application	oracle	retail_integration_bus	14.1.3.2	Yes
Application	oracle	retail_integration_bus	15.0.3.1	Yes
Application	oracle	retail_integration_bus	19.0.0	Yes
Application	oracle	retail_integration_bus	19.0.1	Yes
Application	oracle	retail_invoice_matching	15.0.3	Yes
Application	oracle	retail_invoice_matching	16.0.3	Yes
Application	oracle	retail_merchandising_system	19.0.1	Yes
Application	oracle	retail_order_broker	16.0	Yes
Application	oracle	retail_order_broker	18.0	Yes
Application	oracle	retail_order_broker	19.1	Yes
Application	oracle	retail_order_management_system	19.5	Yes
Application	oracle	retail_point-of-sale	14.1	Yes
Application	oracle	retail_predictive_application_server	14.1.3	Yes
Application	oracle	retail_predictive_application_server	14.1.3.46	Yes
Application	oracle	retail_predictive_application_server	15.0.3	Yes
Application	oracle	retail_predictive_application_server	15.0.3.115	Yes
Application	oracle	retail_predictive_application_server	16.0.3	Yes
Application	oracle	retail_predictive_application_server	16.0.3.240	Yes
Application	oracle	retail_price_management	13.2	Yes
Application	oracle	retail_price_management	14.0.4	Yes
Application	oracle	retail_price_management	14.1	Yes
Application	oracle	retail_price_management	14.1.3	Yes
Application	oracle	retail_price_management	15.0	Yes
Application	oracle	retail_price_management	15.0.3	Yes
Application	oracle	retail_price_management	16.0	Yes
Application	oracle	retail_price_management	16.0.3	Yes
Application	oracle	retail_returns_management	14.1	Yes
Application	oracle	retail_service_backbone	≤ 16.0.3	Yes
Application	oracle	retail_service_backbone	14.1.3.0	Yes
Application	oracle	retail_service_backbone	14.1.3.2	Yes
Application	oracle	retail_service_backbone	15.0.3.1	Yes
Application	oracle	retail_service_backbone	19.0.0	Yes
Application	oracle	retail_service_backbone	19.0.1	Yes
Application	oracle	retail_size_profile_optimization	16.0.3	Yes
Application	oracle	retail_xstore_point_of_service	17.0.4	Yes
Application	oracle	retail_xstore_point_of_service	18.0.3	Yes
Application	oracle	retail_xstore_point_of_service	19.0.2	Yes
Application	oracle	retail_xstore_point_of_service	20.0.1	Yes
Application	oracle	sd-wan_aware	8.2	Yes
Application	oracle	sd-wan_edge	9.0	Yes
Application	oracle	sd-wan_edge	9.1	Yes
Application	oracle	secure_backup	18.1.0.1.0	Yes
Application	oracle	siebel_applications	< 21.12	Yes
Application	oracle	spatial_studio	21.2.1	Yes
Application	oracle	thesaurus_management_system	5.2.3	Yes
Application	oracle	thesaurus_management_system	5.3.0	Yes
Application	oracle	thesaurus_management_system	5.3.1	Yes
Application	oracle	timesten_in-memory_database	< 11.2.2.8.27	Yes
Application	oracle	timesten_in-memory_database	< 21.1.1.1.0	Yes
Application	oracle	utilities_framework	≤ 4.3.0.6.0	Yes
Application	oracle	utilities_framework	4.2.0.2.0	Yes
Application	oracle	utilities_framework	4.2.0.3.0	Yes
Application	oracle	utilities_framework	4.4.0.0.0	Yes
Application	oracle	utilities_framework	4.4.0.2.0	Yes
Application	oracle	utilities_framework	4.4.0.3.0	Yes
Application	oracle	utilities_testing_accelerator	6.0.0.1.1	Yes
Application	oracle	utilities_testing_accelerator	6.0.0.2.2	Yes
Application	oracle	utilities_testing_accelerator	6.0.0.3.1	Yes
Application	oracle	vm_virtualbox	< 6.1.32	Yes
Application	oracle	webcenter_portal	12.2.1.3.0	Yes
Application	oracle	webcenter_portal	12.2.1.4.0	Yes
Application	oracle	weblogic_server	12.1.3.0.0	Yes
Application	oracle	weblogic_server	12.2.1.3.0	Yes
Application	oracle	weblogic_server	12.2.1.4.0	Yes
Application	oracle	weblogic_server	14.1.1.0.0	Yes
Application	oracle	zfs_storage_appliance_kit	8.8	Yes
Application	oracle	zfs_storage_application_integration_engineering_software	1.3.3	Yes
Operating System	oracle	communications_messaging_server	8.1	Yes
Operating System	oracle	solaris	10	Yes
Operating System	oracle	solaris	11	Yes
Operating System	oracle	fujitsu_m10-1_firmware	-	Yes
Hardware	oracle	fujitsu_m10-1	-	No
Operating System	oracle	fujitsu_m10-4_firmware	-	Yes
Hardware	oracle	fujitsu_m10-4	-	No
Operating System	oracle	fujitsu_m10-4s_firmware	-	Yes
Hardware	oracle	fujitsu_m10-4s	-	No
Operating System	oracle	fujitsu_m12-1_firmware	-	Yes
Hardware	oracle	fujitsu_m12-1	-	No
Operating System	oracle	fujitsu_m12-2_firmware	-	Yes
Hardware	oracle	fujitsu_m12-2	-	No
Operating System	oracle	fujitsu_m12-2s_firmware	-	Yes
Hardware	oracle	fujitsu_m12-2s	-	No

References

https://access.redhat.com/errata/RHSA-2020:0159 Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2020:0160 Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2020:0161 Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2020:0164 Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2020:0445 Third Party Advisory ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219 Issue Tracking, Third Party Advisory ([email protected])
https://github.com/hibernate/hibernate-validator/commit/124b7dd6d9a4ad24d4d49f74701f05a13e56cee ([email protected])
https://github.com/hibernate/hibernate-validator/commit/20d729548511ac5cff6fd459f93de137195420fe ([email protected])
https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Adapted/CVE-2019-10219 ([email protected])
https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Origin/CVE-2019-10219/exploit ([email protected])
https://lists.apache.org/thread.html/r4f8b4e2541be4234946e40d55859273a7eec0f4901e8080ce2406fe6%40%3Cnotifications.accumulo.apache.org%3E ([email protected])
https://lists.apache.org/thread.html/r4f92d7f7682dcff92722fa947f9e6f8ba2227c5dc3e11ba09114897d%40%3Cnotifications.accumulo.apache.org%3E ([email protected])
https://lists.apache.org/thread.html/r87b7e2d22982b4ca9f88f5f4f22a19b394d2662415b233582ed22ebf%40%3Cnotifications.accumulo.apache.org%3E ([email protected])
https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4%40%3Cpluto-scm.portals.apache.org%3E ([email protected])
https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c%40%3Cpluto-dev.portals.apache.org%3E ([email protected])
https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a%40%3Cpluto-dev.portals.apache.org%3E ([email protected])
https://security.netapp.com/advisory/ntap-20220210-0024/ Third Party Advisory ([email protected])
https://www.oracle.com/security-alerts/cpujan2022.html Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2020:0159 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2020:0160 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2020:0161 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2020:0164 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2020:0445 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219 Issue Tracking, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/hibernate/hibernate-validator/commit/124b7dd6d9a4ad24d4d49f74701f05a13e56ceee (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/hibernate/hibernate-validator/commit/20d729548511ac5cff6fd459f93de137195420fe (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Adapted/CVE-2019-10219 (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Origin/CVE-2019-10219/exploit (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/r4f8b4e2541be4234946e40d55859273a7eec0f4901e8080ce2406fe6%40%3Cnotifications.accumulo.apache.org%3E (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/r4f92d7f7682dcff92722fa947f9e6f8ba2227c5dc3e11ba09114897d%40%3Cnotifications.accumulo.apache.org%3E (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/r87b7e2d22982b4ca9f88f5f4f22a19b394d2662415b233582ed22ebf%40%3Cnotifications.accumulo.apache.org%3E (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4%40%3Cpluto-scm.portals.apache.org%3E (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c%40%3Cpluto-dev.portals.apache.org%3E (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a%40%3Cpluto-dev.portals.apache.org%3E (af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20220210-0024/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.oracle.com/security-alerts/cpujan2022.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For redhat's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.