Debian: CVE-2017-15095: jackson-databind -- security update
|8||(AV:N/AC:L/Au:N/C:P/I:P/A:P)||November 16, 2017||November 16, 2017||March 15, 2018|
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
It was discovered that jackson-databind, a Java library used to parse
JSON and other data formats, improperly validated user input prior to
deserializing: following DSA-4004-1 forCVE-2017-7525, an additional set of classes was identified as unsafe
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities