oss-sec mailing list archives
[ANN] [APACHE STRUTS] Security Bulletin S2-055: impact increased to High (related to CVE-2017-7525 - JSON Jackson library)
From: Lukasz Lenart <lukaszlenart () apache org>
Date: Tue, 12 Dec 2017 08:13:02 +0100
Hi, After further clarification we increased impact of a vulnerability reported to us and described as S2-055 to High. The vulnerability exists in a JSON Jackson library and it's registered under CVE-2017-7525. Please read the bulletin [1] and apply possible solutions. This vulnerability impacts anyone using the vulnerable Jackson JSON library (not only Struts users). [1] https://cwiki.apache.org/confluence/display/WW/S2-055 Regards -- Ćukasz + 48 606 323 122 http://www.lenart.org.pl/
Current thread:
- [ANN] [APACHE STRUTS] Security Bulletin S2-055: impact increased to High (related to CVE-2017-7525 - JSON Jackson library) Lukasz Lenart (Dec 12)