Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology

Articles

Sort results

Jackson-Databind - A Story of Blacklisting Java Deserialization Gadgets

Jackson is a popular library for parsing JSON documents in Java. Jackson-Databind is a module of the Jackson library that allows automatic transformation from JSON to Java objects and vice versa. In June 2017, an unsafe deserialization... Read more
0 Reviews

Jackson-Databind Unsafe Unserialization Remote Code Execution (CVE-2017-7525, CVE-2017-15095)

Recently a new vulnerability in Jackson, a popular Java library used for parsing JSON, was published and assigned CVE-2017-7525. The Jackson-databind package allows programmers to construct Java objects out of JSON documents, and as we have... Read more
1 Review