CVE
CVE-2018-19362
com.fasterxml.jackson.core:jackson-databind vulnerable to Deserialization of Untrusted Data
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.
Endor Patches
Patch Name
Vulnerabilities fixed
Lines of Code Changed