CVE-2020-14061

Posted on by admin

CVE-2020-14061

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).

Source: CVE-2020-14061

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다