Is Fuse 6.3 vulnerable to Jackson Databind polymorphic type handling flaws?
Issue
- 3rd party vulnerability scanning tools will often report Fuse 6.3 R13 is affected by Jackson Databind polymorphic type handling flaws but is it actually vulnerable?
Environment
- Red Hat JBoss Fuse (Fuse)
- 6.3.
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.