search

microsoft / Partner-Center-Java

Partner Center SDK for Java
https://docs.microsoft.com/java/partnercenter/
31 stars 12 forks source link

CVE-2019-14379 #66

Closed ghost closed 5 years ago

ghost commented 5 years ago

SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used, leading to remote code execution.

ghost commented 5 years ago

The dependency has been updated and version 1.13.6 will be released shortly.