CVE
CVE-2018-19360
Deserialization of Untrusted Data in jackson-databind due to polymorphic deserialization
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.
Endor Patches
Patch Name
Vulnerabilities fixed
Lines of Code Changed