CVE-2013-1768
CVE-2013-1768 involves deserialization of a malicious OpenJPA object; IBM bulletins note the embedded OpenJPA code is present in WebSphere Application Server but is not exploitable by WAS itself. Affected WAS versions ship the vulnerable OpenJPA code (not exploitable) and IBM provides fixes via A...