Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
https://nvd.nist.gov/vuln/detail/CVE-2020-24750 https://nvd.nist.gov/vuln/detail/CVE-2020-24616 Release notes: https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9#micro-patches > jackson-databind 2.9.10.6 (24-Aug-2020) -- with jackson-bom version 2.9.10.20200824 > > * FasterXML/jackson-databind#2798: Block one more gadget type (com.pastdev.httpcomponents, CVE-2020-24750 > * FasterXML/jackson-databind#2814: Block one more gadget type (Anteros-DBCP, CVE-2020-24616) > * FasterXML/jackson-databind#2826: Block one more gadget type (com.nqadmin.rowset) > * FasterXML/jackson-databind#2827: Block one more gadget type (org.arrahtec:profiler-core)
- Loading branch information