CVE-2020-11113

Publication date

2020-03-31 04:37:27

Family

mitre

State

PUBLISHED

Description

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).