RedHat jackson-databind CVE-2019-12384 Code Injection Vulnerability

description-logoDescription

The Public Key Infrastructure (PKI) Deps module contains fundamental packages required as dependencies for the pki-core module by Red Hat Certificate System. Security Fix(es): * jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

affected-products-logoAffected Applications

jackson-databind

CVE References

CVE-2019-12384