Description
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.
Remediation
References
Related Vulnerabilities
PHP Other Vulnerability (CVE-2001-1385)
WordPress Plugin Jock on air now Cross-Site Scripting (5.6.2)
MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-10268)
Opencart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-13067)
Internet Information Services Other Vulnerability (CVE-2005-2089)