Is a database without the Spatial Component installed Vulnerable To CVE-2017-15095?
(Doc ID 2428282.1)
Last updated on APRIL 01, 2020
Applies to:Oracle Spatial and Graph - Version 220.127.116.11 and later
Information in this document applies to any platform.
Regarding CVE-2017-15095, which was fixed in July 2018 CPU for 18.104.22.168.
The CVE is related to component Oracle Spatial (jackson-databind).
Oracle Spatial component was removed from my database. Is it true that my database service is not vulnerable to CVE-2017-15095?
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document