SubTypeValidator.java in FasterXML... CVE-2019-14379

7.5 AV AC AU C I A
发布: 2019-07-29
修订: 2020-10-28

SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.

0%
暂无可用Exp或PoC
当前有125条受影响产品信息