Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:8093
HistoryDec 28, 2018 - 7:34 a.m.

Deserialisation Of Untrusted Data

2018-12-2807:34:07
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15

EPSS

0.571

Percentile

97.7%

jackson-databind can deserialize untrusted data. The vulnerability is due to an incomplete fix for the CVE-2017-7525.

References