4.2.2

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-11	CVE-2020-5411	Deserialization of Untrusted Data vulnerability in Pivotal Software Spring Batch When configured to enable default typing, Jackson contained a deserialization vulnerability that could lead to arbitrary code execution. network high complexity pivotal-software CWE-502	8.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.