Red Hat Security Advisory 2017-1839-01

Discussion in 'News Aggregator' started by Packet Storm, 1 Aug 2017.

  1. Packet Storm

    Packet Storm Guest

    Red Hat Security Advisory 2017-1839-01 - The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API. Security Fix: A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.

    Continue reading...
     

Share This Page

Loading...