Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2017-7525

A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.

Related bugs and status

CVE-2017-7525 (Candidate) is related to these bugs:

Bug #1869918: Found an escape character in the closing description tag that corrupts the xml.

Summary				In	Importance	Status
	1869918	Found an escape character in the closing description tag that corrupts the xml.		Ubuntu CVE Tracker	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://github.com/Fas...
CONFIRM: https://github.com/Fas...
CONFIRM: https://bugzilla.redha...
CONFIRM: https://security.netap...
DEBIAN: DSA-4004
REDHAT: RHSA-2017:1834
REDHAT: RHSA-2017:1835
REDHAT: RHSA-2017:1836
REDHAT: RHSA-2017:1837
REDHAT: RHSA-2017:1839
REDHAT: RHSA-2017:1840
REDHAT: RHSA-2017:2477
REDHAT: RHSA-2017:2546
REDHAT: RHSA-2017:2547
REDHAT: RHSA-2017:2633
REDHAT: RHSA-2017:2635
REDHAT: RHSA-2017:2636
REDHAT: RHSA-2017:2637
REDHAT: RHSA-2017:2638
REDHAT: RHSA-2017:3141
REDHAT: RHSA-2017:3454
REDHAT: RHSA-2017:3455
REDHAT: RHSA-2017:3456
REDHAT: RHSA-2017:3458
BID: 99623
SECTRACK: 1039744
SECTRACK: 1039947
CONFIRM: https://cwiki.apache.o...
REDHAT: RHSA-2018:0294
SECTRACK: 1040360
REDHAT: RHSA-2018:0342
CONFIRM: http://www.oracle.com/...
REDHAT: RHSA-2018:1449
REDHAT: RHSA-2018:1450
CONFIRM: http://www.oracle.com/...
CONFIRM: https://support.hpe.co...
CONFIRM: http://www.oracle.com/...
CONFIRM: https://www.oracle.com...
MISC: https://www.oracle.com...
MLIST: [lucene-dev] 20190325 ...
MLIST: [lucene-dev] 20190325 ...
MLIST: [lucene-dev] 20190325 ...
MLIST: [lucene-dev] 20190325 ...
MLIST: [lucene-dev] 20190325 ...
REDHAT: RHSA-2019:0910
MISC: https://www.oracle.com...
REDHAT: RHSA-2019:2858
REDHAT: RHSA-2019:3149
MLIST: [cassandra-commits] 20...
MLIST: [lucene-solr-user] 201...
MLIST: [druid-commits] 201911...
MLIST: [lucene-solr-user] 201...
MLIST: [lucene-solr-user] 201...
MLIST: [lucene-solr-user] 201...
MLIST: [debian-lts-announce] ...
MLIST: [debian-lts-announce] ...
MISC: https://www.oracle.com...
MLIST: [spark-issues] 2021022...
MLIST: [cassandra-commits] 20...
MLIST: [cassandra-commits] 20...