4 matches found
Remote Code Execution (RCE)
FasterXML jackson-databind is vulnerable to deserialization of untrusted data. There is a polymorphic typing issue because there are more than one association gadget types related to org.aoju.bus.proxy.provider.remoting.RmiProvider aka bus-proxy implementation by default...
Remote Code Execution
FasterXML jackson-databind is vulnerable to deserialization of untrusted data. There is a polymorphic typing issue because there are more than one association gadget types related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup...
Deserialization Of Untrusted Data
FasterXML jackson-databind is vulnerable to deserialization of untrusted data. There is a polymorphic typing issue because there are more than one association gadget types related to CXF JAX-RS implementation by default...
Deserialization Of Untrusted Data
FasterXML jackson-databind is vulnerable to deserialization of untrusted data . The vulnerability exists because there is a polymorphic typing issue because there are more than one association gadget types related to com.zaxxer.hikari.HikariConfig by default which allows an attacker to perform...