CVE-2018-21234: Deserialization of Untrusted Data

May 21, 2020 (updated May 22, 2020)

Jodd before performs Deserialization of Untrusted JSON Data when setClassMetadataName is set.

References

nvd.nist.gov/vuln/detail/CVE-2018-21234

Detect and mitigate CVE-2018-21234 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →