Back to directory
WRITEUP #3536

Detecting Jackson deserialization vulnerabilities with CodeQL

DeserializationInsecure deserialization
by@artem_smotrakov(Artem Smotrakov)
Bounty
4,500
Program
GitHub
Published
Aug 2, 2021
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://blog.gypsyengineer.com/en/security/detecting-jackson-deserialization-vulnerabilities-with-codeql.html
RELATED WRITEUPS
Attacking PowerShell CLIXML Deserialization
DeserializationInsecure deserialization
Dynamics 365 Business Central - A Journey With Ups and Downs
DeserializationInsecure deserialization
Getting code execution on Veeam through CVE-2023-27532
RCEInsecure deserialization
3 ways to get Remote Code Execution in Kafka UI
RCEInsecure deserialization
Shelltorch Explained: Multiple Vulnerabilities in Pytorch Model Server (Torchserve) (CVSS 9.9, CVSS 9.8) Walkthrough
AI / LLMAI

Built with ❤️ by Shubham Rawat