Jackson-Databind Unsafe Unserialization Remote Code Execution (CVE-2017-7525, CVE-2017-15095)
Recently a new vulnerability in Jackson, a popular Java library used for parsing JSON, was published and assigned CVE-2017-7525 and later extended with CVE-2017-15095.
The Jackson-databind package...
Published Dec 07, 2017
Version 1.0Gal_Goldshtein
Employee
Joined June 20, 2019
Gal_Goldshtein
Employee
Joined June 20, 2019
Les_Opp_125023
Feb 08, 2018Nimbostratus
Can you provide the signature ID's? I looked at the readme.txt associated with update: v11.5.5/ASM-SignatureFile_20171227_172355 and am not sure which signatures apply.