Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:20928
HistoryJul 30, 2019 - 5:10 a.m.

Remote Code Execution (RCE)

2019-07-3005:10:45
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
25
jackson-databind
rce
vulnerability
ehcache
software
gadget conversion

EPSS

0.01

Percentile

83.6%

jackson-databind is vulnerable to remote code execution (RCE). The attack is possible due to lack of proper handling of gadget type conversion when ehcache is used.

References