Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:8107
HistoryJan 03, 2019 - 6:15 a.m.

Remote Code Execution (RCE)

2019-01-0306:15:06
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
19

EPSS

0.005

Percentile

76.7%

jackson-databind is susceptible to deserialisation vulnerability. The vulnerability is due to the lack of openjpa class blockage, allowing a remote attacker to leverage this vulnerability to execute arbitrary code.

References