Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:22622
HistoryMar 03, 2020 - 4:20 a.m.

Remote Code Execution (RCE)

2020-03-0304:20:13
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
50
remote code execution
json deserialization
jackson-databind
anterosdbcpconfig gadget

EPSS

0.004

Percentile

73.8%

jackson-databind is vulnerable to remote code execution (RCE). The vulnerability exists through the deserialization of a JSON payload that uses the br.com.anteros.dbcp.AnterosDBCPConfig gadget.

References