CVE-2018-21234

https://notcve.org/view.php?id=CVE-2018-21234

Jodd before 5.0.4 performs Deserialization of Untrusted JSON Data when setClassMetadataName is set. Jodd versiones anteriores a la versión 5.0.4, realiza una Deserialización de Datos JSON No Confiables, cuando se establece la función setClassMetadataName. • https://github.com/oblac/jodd/commit/9bffc3913aeb8472c11bb543243004b4b4376f16 https://github.com/oblac/jodd/compare/v5.0.3...v5.0.4 https://github.com/oblac/jodd/issues/628 https://lists.apache.org/thread.html/r0bacc701ab7105500a0ab2769270d18f332cb379e6a62ec7553f3327%40%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/r157d01c96a2c10e7ceb3e005f42c52cfe87b11dd018935e1c4277433%40%3Cgitbox.hive.apache.org%3E https://lists.apache.org/thread.html/r317aec95c436848233047af7ecb3ce04ce446eb6031f981aef50df0d%40%3Cdev.drill.apache.org%3E https • CWE-502: Deserialization of Untrusted Data •