
Red Hat Security Advisory 2017-3141-01 - The RHV-M Virtual
Appliance automates the process of installing and configuring the
Red Hat Virtualization Manager. The appliance is available to
download as an OVA file from the Customer Portal. The following
packages have been upgraded to a later upstream version:
rhvm-appliance. Security Fix: A deserialization flaw was discovered
in the jackson-databind which could allow an unauthenticated user
to perform code execution by sending the maliciously crafted input
to the readValue method of the ObjectMapper.
Read more https://packetstormsecurity.com/files/144915/RHSA-2017-3141-01.txt