Lucene search
K

8 matches found

GithubExploit
GithubExploit
added 2024/11/07 1:6 p.m.1032 views

Exploit for Deserialization of Untrusted Data in Alibaba Fastjson

CVE-2022-25845-In-Spring 主要依赖 1. jackson 2. commons-io 快...

9.8CVSS9.1AI score0.17767EPSS
Exploits5
GithubExploit
GithubExploit
added 2024/01/28 8:3 p.m.776 views

Exploit for Deserialization of Untrusted Data in Alibaba Fastjson

json.org CVE-2022-45688 true & false positive WTF ?? The p...

9.8CVSS7.7AI score0.17767EPSS
Exploits9
GithubExploit
GithubExploit
added 2023/03/01 4:17 p.m.696 views

Exploit for Deserialization of Untrusted Data in Alibaba Fastjson

CVE-2022-25845-exploit Try exploiting this CVE by studying so...

9.8CVSS9.1AI score0.17767EPSS
Exploits5
The Hacker News
The Hacker News
added 2022/06/16 8:25 a.m.57 views

High-Severity RCE Vulnerability Reported in Popular Fastjson Library

Cybersecurity researchers have detailed a recently patched high-severity security vulnerability in the popular Fastjson library that could be potentially exploited to achieve remote code execution. Tracked as CVE-2022-25845 CVSS score: 8.1, the issue relates to a case of deserialization of...

2.9AI score0.17767EPSS
Exploits5
vulnersOsv
vulnersOsv
added 2022/06/11 12:0 a.m.5 views

ai.houyi:dorado (>=0.0.1 <=0.0.8), ai.houyi:dorado-core (>=0.0.11 <=0.0.51) +12039 more potentially affected by CVE-2022-25845 via com.alibaba:fastjson (>=1.2.25 <=1.2.80)

com.alibaba:fastjson MAVEN version =1.2.25, =0.0.1, =0.0.11, =0.0.16, =0.0.1, =0.0.14, =0.0.47, =0.0.14, =0.1.1, =2.1.0, =2.1.0, =Finchley.SR2.SR1, =Finchley.SR4, =j8.2.2.0, =Finchley.SR2.SR1, =Finchley.SR2.SR1, =j11.2.6.0 and more Source cves: CVE-2022-25845 Source advisory: OSV:GHSA-PV7H-HX5H-M...

9.8CVSS7.4AI score0.17767EPSS
Exploits5
OSV
OSV
added 2022/06/10 8:5 p.m.18 views

CVE-2022-25845 Deserialization of Untrusted Data

The package com.alibaba:fastjson before 1.2.83 are vulnerable to Deserialization of Untrusted Data by bypassing the default autoType shutdown restrictions, which is possible under certain conditions. Exploiting this vulnerability allows attacking remote servers. Workaround: If upgrading is not...

8.1CVSS7.3AI score0.17767EPSS
Exploits5References9
CVE
CVE
added 2022/06/10 8:5 p.m.258 views

CVE-2022-25845

CVE-2022-25845 affects Alibaba Fastjson prior to 1.2.83. The root cause is a bypass of the default autoType shutdown restrictions during deserialization of untrusted data, allowing attacker-controlled payloads to trigger deserialization. The impact is described as remote attack potential on vulne...

9.8CVSS8.8AI score0.17767EPSS
In wildExploits5References7Affected Software1
vulnersOsv
vulnersOsv
added 2022/06/06 4:21 p.m.4 views

ai.houyi:dorado (>=0.0.1 <=0.0.8), ai.houyi:dorado-core (>=0.0.11 <=0.0.51) +12735 more potentially affected by CVE-2022-25845 via com.alibaba:fastjson (>=1.1.15 <=1.2.80)

com.alibaba:fastjson MAVEN version =1.1.15, =0.0.1, =0.0.11, =0.0.16, =0.0.1, =0.0.14, =0.0.47, =0.0.14, =0.1.1, =2.1.0, =2.1.0, =Finchley.SR2.SR1, =Finchley.SR4, =j8.2.2.0, =Finchley.SR2.SR1, =Finchley.SR2.SR1, =j11.2.6.0 and more Source cves: CVE-2022-25845 Source advisory:...

9.8CVSS7.4AI score0.17767EPSS
Exploits5
Rows per page
Query Builder