2 matches found
GHSA-F9XH-2QGP-CQ57 Unsafe Deserialization in jackson-databind
FasterXML jackson-databind 2.x before 2.9.10.8 and 2.6.7.5 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource...
PT-2021-7983
Name of the Vulnerable Software and Affected Versions jackson-databind versions prior to 2.9.10.7 jackson-databind versions prior to 2.6.7.5 Description The issue is related to the jackson-databind library's handling of serialization gadgets and typing, which can lead to the restoration of...