Lucene search

K
prionPRIOn knowledge basePRION:CVE-2018-14720
HistoryJan 02, 2019 - 6:29 p.m.

Deserialization of untrusted data

2019-01-0218:29:00
PRIOn knowledge base
www.prio-n.com
8

9.2 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.1%

FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.

References