2 matches found
jackson-databind: use of deeply nested arrays
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer.deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices...
custom-bytecode-analyzer - Java bytecode analyzer customizable via JSON rules
Java bytecode analyzer customizable via JSON rules. It is a command-line tool that receives a path containing one or more Jar files, analyzes them using the provided rules and generates HTML reports with the results. Usage usage: java -jar cba-cli.jar OPTIONS -a DIRECTORYTOANALYZE -a,--analyze Pa...