https://bugzilla.redhat.com/show_bug.cgi?id=1775293
Kunjan Rathod krathod@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Summary|CVE-2019-17531 |CVE-2019-17531 |jackson-databind: enabling |jackson-databind: |default typing leads to |polymorphic typing issue |code execution |when enabling default | |typing for an externally | |exposed JSON endpoint and | |having apache-log4j-extra | |in the classpath leads to | |code execution