Summary: | dev-java/ jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Francis Booth <boothf> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED OBSOLETE | ||
Severity: | normal | CC: | java |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/FasterXML/jackson-databind/issues/1723 | ||
Whiteboard: | ~2 [ebuild] | ||
Package list: | Runtime testing required: | --- |
Description
Francis Booth
2017-11-16 14:59:30 UTC
Fixed in version(s) >=2.8.10, 2.9.1 https://github.com/FasterXML/jackson-databind/issues/1847 Superseded by: bug 648952 |