BZ#1713469 CVE-2019-12086 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server. [fedora-all]
0
0
BZ#1725796 CVE-2019-12814 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message. [fedora-all]
0
0
BZ#1725808 CVE-2019-12384 jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution [fedora-all]
0
0
BZ#1737518 CVE-2019-14379 jackson-databind: default typing mishandling leading to remote code execution [fedora-all]
0
0
BZ#1752964 CVE-2019-14439 jackson-databind: Polymorphic typing issue related to logback/JNDI [fedora-all]
This update has been submitted for testing by decathorpe.
This update's test gating status has been changed to 'waiting'.
This update's test gating status has been changed to 'ignored'.
This update has been pushed to testing.
decathorpe edited this update.
This update can be pushed to stable now if the maintainer wishes
This update has been submitted for stable by bodhi.
This update has been pushed to stable.