Deserialization of Untrusted Data
Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to the improper use of a reflection-based approach to type conversion. An attacker can execute arbitrary code via a crafted serialized object. Details Serialization is a process of converting an...