Oval Definition:	oval:com.ubuntu.trusty:def:20177525000
Revision Date: 2018-02-06 Version: 1 Title: CVE-2017-7525 on Ubuntu 14.04 LTS (trusty) - medium. Description: A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. Family: unix Class: vulnerability Status: Reference(s): CVE-2017-7525 Platform(s): Ubuntu 14.04 LTS Product(s): Definition Synopsis Ubuntu 14.04 LTS (trusty) is installed. AND The 'jackson-databind' package in trusty is affected and needs fixing.
BACK