Description
Oracle JDeveloper product of Oracle Fusion Middleware (component: ADF Faces) (versions 12.2.1.3.0 and 12.2.1.4.0 and prior) is vulnerable to a Java Object Deserialization remote code execution vulnerability. An attacker could exploit this vulnerability using specially-crafted serialized data to execute arbitrary code on the system or to perform a denial of service attack.
Remediation
Upgrade to the latest version of Oracle ADF Faces