Is a database without the Spatial Component installed Vulnerable To CVE-2017-15095?
(Doc ID 2428282.1)
Last updated on APRIL 01, 2020
Applies to:
Oracle Spatial and Graph - Version 12.2.0.1 and laterInformation in this document applies to any platform.
Goal
Regarding CVE-2017-15095, which was fixed in July 2018 CPU for 12.2.0.1.
The CVE is related to component Oracle Spatial (jackson-databind).
Oracle Spatial component was removed from my database. Is it true that my database service is not vulnerable to CVE-2017-15095?
Solution
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Goal |
Solution |