Fastjson is an open source JSON parsing library that parses JSON format strings and supports serializing Java beans to JSON strings and also deserializing from JSON strings to JavaBean. fastjson has a remote code execution vulnerability that can be exploited by attackers to bypass the default autoType closure restriction to deserialize security-risked classes. This can lead to remote code execution under certain conditions.
CPE | Name | Operator | Version |
---|---|---|---|
FastJson fastjson | lt | 1.2.80 |