Vulnerabilities > Redhat > Satellite Capsule > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-06 | CVE-2017-15095 | Deserialization of Untrusted Data vulnerability in multiple products A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. | 9.8 |
| 2017-03-13 | CVE-2017-5929 | Deserialization of Untrusted Data vulnerability in multiple products QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components. | 9.8 |