Lucene search

K
cvelistMitreCVELIST:CVE-2018-14720
HistoryJan 02, 2019 - 6:00 p.m.

CVE-2018-14720

2019-01-0218:00:00
mitre
www.cve.org
1

9.5 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.1%

FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.

References