Description
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).
Remediation
References
Related Vulnerabilities
ProjectSend Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2023-53930)
WordPress Plugin Stars Menu Cross-Site Scripting (1.0.1)
OpenSSL Resource Management Errors Vulnerability (CVE-2016-2179)
WordPress Plugin SEO Ultimate 'wp-admin/post.php' Cross-Site Scripting (6.9.1)
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2021-4104)