CVE
CVE-2018-19361
Deserialization of Untrusted Data in jackson-databind
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.
Endor Patches
Patch Name
Vulnerabilities fixed
Lines of Code Changed