jackson

jackson-databind/Fastjson Remote Code Execution Vulnerability Threat Alert

março 23, 2020

Overview

Recently, two remote code execution vulnerabilities (CVE-2020-9547 and CVE-2020-9548) were fixed in jackson-databind. By using two components (ibatis-sqlmap and anteros-core) to bypass the blacklist restriction, attackers could exploit these vulnerabilities to cause remote code execution on the victim’s machine. (mais…)

Search

Inscreva-se no Blog da NSFOCUS