CVE-2019-17267

Improper Input Validation in jackson-databind

Description

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10 and 2.8.11.5. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.

Patch Available

Fix available through Seal Security.  
No upgrade required, protect your application instantly.

Fix without upgrading

Score

9.8

Severity

Critical

Ecosystem

Java

Publish Date

June 15, 2020

Modified Date

March 15, 2024

Score Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Versions