2 matches found
CVE-2021-29508
Due to how Wire handles type information in its serialization format, malicious payloads can be passed to a deserializer. e.g. using a surrogate on the sender end, an attacker can pass information about a different type for the receiving end. And by doing so allowing the serializer to create any...
CVE-2021-29508
CVE-2021-29508 affects Wire and its fork, due to insecure handling of type information in its serialization format. The vulnerability allows a deserializer to be influenced by a malicious payload, potentially enabling the creation of any type on the receiving end. Public descriptions across Red H...