Jackson-Databind Unsafe Unserialization Remote Code Execution (CVE-2017-7525, CVE-2017-15095)
Recently a new vulnerability in Jackson, a popular Java library used for parsing JSON, was published and assigned CVE-2017-7525 and later extended with CVE-2017-15095.
The Jackson-databind package...
Published Dec 07, 2017
Version 1.0
Gal_Goldshtein
Employee
EmployeeGal_GoldshteinEmployee
Employee
Remco
Nimbostratus
NimbostratusI would also like to know which signatures ID is should select or which signature set.