Robuta

https://www.elttam.com/blog/ruby-deserialization
Ruby 2.x Universal RCE Deserialization Gadget Chain - elttam
Mar 24, 2026 - The first public universal Ruby deserialization gadget chain. Learn how arbitrary deserialization leads to RCE in Ruby 2.x applications.

https://mail.openjdk.org/pipermail/jdk-dev/2021-June/005630.html
JEP proposed to target JDK 17: 415: Context-Specific Deserialization Filters

https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-31507
Deserialization of Untrusted Data in com.fasterxml.jackson.core:jackson-databind | CVE-2017-7525 |...
High severity (8.1) Deserialization of Untrusted Data in com.fasterxml.jackson.core:jackson-databind | CVE-2017-7525

https://mail.openjdk.org/pipermail/jdk-dev/2021-May/005509.html
New candidate JEP: 415: Context-Specific Deserialization Filters

https://bugzilla.zimbra.com/show_bug.cgi?id=109097
109097 – Insecure object deserialization - IMAP [CWE-502]

https://circl.lu/pub/tr-95/
CIRCL » TR-95 - Critical vulnerability - Deserialization of untrusted data in on-premises Microsoft...
TR-95 - Critical vulnerability - Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code...

https://www.assetnote.io/resources/research/why-nested-deserialization-is-harmful-magento-xxe-cve-2024-34102
Why nested deserialization is harmful: Magento XXE (CVE-2024-34102)
A critical, pre-authentication XML entity injection issue in Magento / Adobe Commerce (CVE-2024-34102), which Adobe rated as CVSS 9.8.

https://patchstack.com/database/wordpress/plugin/broken-link-checker/vulnerability/wordpress-broken-link-checker-plugin-1-11-16-authenticated-phar-deserialization-vulnerability
Deserialization of untrusted data in WordPress Broken Link Checker Plugin - Patchstack
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.

https://www.zdnet.com/article/deserialization-issues-also-affect-ruby-not-just-java-php-and-net/
Deserialization issues also affect Ruby, not just Java, PHP, and .NET | ZDNET
Jan 21, 2019 - Java, .NET, PHP, and now Ruby. Python, are you next?

https://www.tensorflow.org/api_docs/python/tf/keras/config/enable_unsafe_deserialization
tf.keras.config.enable_unsafe_deserialization | TensorFlow v2.16.1
Disables safe mode globally, allowing deserialization of lambdas.

https://www.starburst.io/blog/2022-09-20-bej6-deserialization-html/
Deserialization part 2 | Starburst
In part six of the Bleeding edge Java series, read more about deserialization and adding support for complex types.

https://dev.to/cverports/cve-2025-62373-cve-2025-62373-remote-code-execution-via-insecure-deserialization-in-pipecat-3780
CVE-2025-62373: CVE-2025-62373: Remote Code Execution via Insecure Deserialization in Pipecat...
Apr 24, 2026 - CVE-2025-62373: Remote Code Execution via Insecure Deserialization in Pipecat... Tagged with security, cve, cybersecurity.

https://webglossary.info/terms/deserialization/
Deserialization · WebGlossary.info · Uncover Your Unknowns in Web Development

https://developer.mozilla.org/en-US/docs/Glossary/Deserialization
Deserialization - Glossary | MDN
Deserialization is the process whereby a lower-level format (e.g., that has been transferred over a network, or stored in a data store) is translated into a...

https://seclists.org/oss-sec/2026/q2/211
oss-sec: CVE-2025-62233: Apache DolphinScheduler: Deserialization of untrusted data in RPC

https://seclists.org/oss-sec/2026/q2/219
oss-sec: CVE-2026-27172: Apache Camel: Unsafe Java deserialization in camel-consul ConsulRegistry...

https://cwe.mitre.org/data/definitions/502.html
CWE - CWE-502: Deserialization of Untrusted Data (4.19.1)
Common Weakness Enumeration (CWE) is a list of software weaknesses.