Security Advisory

CVE-2020-14195

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-06-16 15:07:11
Last updated 2024-08-04 12:39:36
Assigner mitre
State PUBLISHED

Description

FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).