Debian: CVE-2017-15095: jackson-databind -- security update
|4||(AV:L/AC:M/Au:N/C:P/I:P/A:P)||November 15, 2017||November 15, 2017||December 19, 2017|
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
It was discovered that jackson-databind, a Java library used to parse
JSON and other data formats, improperly validated user input prior to
deserializing: following DSA-4004-1 forCVE-2017-7525, an additional set of classes was identified as unsafe
Free Nexpose Download
Discover, prioritize, and remediate security risks today!