High severity vulnerability that affects com.fasterxml.jackson.core:jackson-databind

2019-01-04T19:07:01
ID GHSA-MX9V-GMH4-MGQW
Type github
Reporter GitHub Advisory Database
Modified 2019-07-03T21:02:06

Description

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.