CVE-2019-10202

A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EAP 7. This CVE fixes CVE-2017-17485, CVE-2017-7525, CVE-2017-15095, CVE-2018-5968, CVE-2018-7489, CVE-2018-1000873, CVE-2019-12086 reported for FasterXML jackson-databind by implementing a whitelist approach that will mitigate these vulnerabilities and future ones alike.

View Full Alert

Related Posts

  • CVE-2019-0231

    Handling of the close_notify SSL/TLS message does not lead to a connection closure, leading the server to retain the socket opened and to have the client potentially receive clear text…

  • CVE-2018-17792

    MDaemon Webmail (formerly WorldClient) has CSRF. View Full Alert

  • CVE-2018-14919

    LOYTEC LGATE-902 6.3.2 devices allow XSS. View Full Alert