Tuesday, March 31, 2020

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in jackson-databind

IBM Watson Discovery for IBM Cloud Pak for Data has a vulnerable version of FasterXML jackson-databind. A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
ICP – Discovery 2.0.0-2.1.1

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6128985

The post Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in jackson-databind appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team https://ift.tt/2Jv4xrC

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.