CVE-2018-19362 on Ubuntu 18.04 LTS (bionic) - medium.
Description:
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.