Exploit for Improper Input Validation in Alibaba Fastjson

Lab 6-CVE-2017-18349 I. SYSTEM ANALYSIS Attack S...

ai.houyi:dorado (>=0.0.1 <=0.0.8), ai.houyi:dorado-core (>=0.0.11 <=0.0.51) +3602 more potentially affected by CVE-2025-70974 via com.alibaba:fastjson (>=1.1.15 <=1.2.47)

com.alibaba:fastjson MAVEN version =1.1.15, =0.0.1, =0.0.11, =0.0.16, =0.0.1, =0.0.14, =0.0.47, =0.0.14, =0.3.0, =3.0.0, =1.0.0, =1.0.1, =1.0.2 and more Source cves: CVE-2025-70974 Source advisory: OSV:GHSA-JM7W-5684-PVH8...

Unsafe Dependency Resolution

Overview com.alibaba:fastjson is a fast JSON parser/generator for Java. Affected versions of this package are vulnerable to Unsafe Dependency Resolution due to the unsafe implementation of the checkAutoType function. An attacker can execute arbitrary code by supplying a crafted JSON document...

Exploit for Deserialization of Untrusted Data in Alibaba Fastjson

CVE-2022-25845-In-Spring !Languagehttps://img.shields.io/b...

Exploit for Deserialization of Untrusted Data in Alibaba Fastjson

CVE-2022-25845-In-Spring 主要依赖 1. jackson 2. commons-io 快...

Exploit for Deserialization of Untrusted Data in Alibaba Fastjson

json.org CVE-2022-45688 true & false positive WTF ?? The p...

Exploit for Deserialization of Untrusted Data in Alibaba Fastjson

CVE-2022-25845-exploit Try exploiting this CVE by studying so...

ai.houyi:dorado (>=0.0.1 <=0.0.8), ai.houyi:dorado-core (>=0.0.11 <=0.0.51) +7268 more potentially affected by unknown CVE via com.alibaba:fastjson (>=1.1.15 <=1.2.68)

com.alibaba:fastjson MAVEN version =1.1.15, =0.0.1, =0.0.11, =0.0.16, =0.0.1, =0.0.14, =0.0.47, =0.0.14, =0.1.1, =Finchley.SR2.SR1, =Finchley.SR4, =Finchley.SR2.SR1, =Finchley.SR2.SR1, =Finchley.SR4, =2.0.1.RELEASE, =2.0.1.RELEASE, =2.1.10.RELEASE and more Source cves: unknown CVE Source advisory...