CVE-2018-14720
CVE-2018-14720
FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.
Productos afectados
n/a · n/a¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://access.redhat.com/errata/RHBA-2019:0959https://access.redhat.com/errata/RHSA-2019:0782https://access.redhat.com/errata/RHSA-2019:1106https://access.redhat.com/errata/RHSA-2019:1107https://access.redhat.com/errata/RHSA-2019:1108https://access.redhat.com/errata/RHSA-2019:1140https://access.redhat.com/errata/RHSA-2019:1822https://access.redhat.com/errata/RHSA-2019:1823https://access.redhat.com/errata/RHSA-2019:2858https://access.redhat.com/errata/RHSA-2019:3149https://access.redhat.com/errata/RHSA-2019:3892https://access.redhat.com/errata/RHSA-2019:4037