CVE
CVE-2020-9547
jackson-databind mishandles the interaction between serialization gadgets and typing
FasterXML jackson-databind 2.x before 2.9.10.4, 2.8.11.6, and 2.7.9.7 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap).
Endor Patches
Patch Name
Vulnerabilities fixed
Lines of Code Changed