WRITEUP #2690

CVE-2022-21404: Another Story Of Developers Fixing Vulnerabilities Unknowingly Because Of CodeQL

DeserializationInsecure deserialization

by@calderpwn(Paulino Calderon)

Program

Oracle

Published

May 19, 2022

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://www.websec.ca/publication/Blog/CVE-2022-21404-Another-story-of-developers-fixing-vulnerabilities-unknowingly-because-of-CodeQL

▸ RELATED WRITEUPS

Attacking PowerShell CLIXML Deserialization

DeserializationInsecure deserialization

Dynamics 365 Business Central - A Journey With Ups and Downs

DeserializationInsecure deserialization

Getting code execution on Veeam through CVE-2023-27532

RCEInsecure deserialization

3 ways to get Remote Code Execution in Kafka UI

RCEInsecure deserialization

Shelltorch Explained: Multiple Vulnerabilities in Pytorch Model Server (Torchserve) (CVSS 9.9, CVSS 9.8) Walkthrough

AI / LLMAI

Built with ❤️ by Shubham Rawat