Lucene search

K
redhatcveRedhat.comRH:CVE-2018-19361
HistoryAug 22, 2021 - 1:06 p.m.

CVE-2018-19361

2021-08-2213:06:10
redhat.com
access.redhat.com
15
flaw
jackson-databind
polymorphic deserialization
openjpa
arbitrary code

EPSS

0.005

Percentile

76.7%

A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the OpenJPA class. An attacker could use this flaw to execute arbitrary code.