CVE-2018-14718
CVE-2018-14718
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://access.redhat.com/errata/RHBA-2019:0959https://access.redhat.com/errata/RHSA-2019:0782https://access.redhat.com/errata/RHSA-2019:0877https://access.redhat.com/errata/RHSA-2019:1782https://access.redhat.com/errata/RHSA-2019:1797https://access.redhat.com/errata/RHSA-2019:1822https://access.redhat.com/errata/RHSA-2019:1823https://access.redhat.com/errata/RHSA-2019:2804https://access.redhat.com/errata/RHSA-2019:2858https://access.redhat.com/errata/RHSA-2019:3002https://access.redhat.com/errata/RHSA-2019:3140https://access.redhat.com/errata/RHSA-2019:3149