Download
| Alert*
oval:org.secpod.oval:def:46712
The host is installed with oracle webLogic through 12.2.1.2 or 12.2.1.3 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle jackson-databind component issue. Successful exploitation allows an attacker to execute an unauthenticated remote ... oval:org.secpod.oval:def:603388 It was discovered that jackson-databind, a Java library used to parse JSON and other data formats, improperly validated user input prior to deserializing because of an incomplete fix for CVE-2017-7525. oval:org.secpod.oval:def:53319 It was discovered that jackson-databind, a Java library used to parse JSON and other data formats, improperly validated user input prior to deserializing because of an incomplete fix for CVE-2017-7525. |