← volver
CVE-2019-12384

CVE-2019-12384

EPSS 45.2%
FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on the classpath content, remote code execution may be possible.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://access.redhat.com/errata/RHSA-2019:1820https://access.redhat.com/errata/RHSA-2019:2720https://access.redhat.com/errata/RHSA-2019:2858https://access.redhat.com/errata/RHSA-2019:2935https://access.redhat.com/errata/RHSA-2019:2936https://access.redhat.com/errata/RHSA-2019:2937https://access.redhat.com/errata/RHSA-2019:2938https://access.redhat.com/errata/RHSA-2019:2998https://access.redhat.com/errata/RHSA-2019:3149https://access.redhat.com/errata/RHSA-2019:3200https://access.redhat.com/errata/RHSA-2019:3292https://access.redhat.com/errata/RHSA-2019:3297