General data-binding functionality for Jackson: works on core streaming API
Language
JAVA
Vulnerability
Remote Code Execution (RCE) Through Deserialization
Vulnerability description
Jackson-databind is vulnerable to remote code execution attacks. These attacks are possible during bean deserialization and attackers are able to execute code and commands.
Veracode Software Composition Analysis
Links: