Debian: CVE-2018-14720: jackson-databind -- security update
|8||(AV:N/AC:L/Au:N/C:P/I:P/A:P)||January 02, 2019||March 12, 2019||April 22, 2019|
FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities