DSA-4114 jackson-databind - security update
|
Información sobre el sistema
|
|
|
Software afectado |
Debian |
Descripción
|
It was discovered that jackson-databind, a Java library used to parseJSON and other data formats, did not properly validate user inputbefore attempting deserialization. This allowed an attacker to performcode execution by providing maliciously crafted input.
More info:
https://www.debian.org/security/2018/dsa-4114 |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2017-17485 ,CVE-2018-5968 and DSA-4114. |