Robuta

https://github.com/google/gson GitHub - google/gson: A Java serialization/deserialization library to convert Java Objects into... A Java serialization/deserialization library to convert Java Objects into JSON and back - google/gson google gsonjava serialization https://www.ruby-lang.org/en/news/2026/04/21/erb-cve-2026-41316/ CVE-2026-41316: ERB @_init deserialization guard bypass via def_module / def_method / def_class |... We published security advisory for CVE-2026-41316. https://www.sentinelone.com/vulnerability-database/cve-2024-8502/ CVE-2024-8502: AgentScope Deserialization RCE Vulnerability CVE-2024-8502 is a remote code execution vulnerability in modelscope/agentscope. Learn about its impact, affected versions, and mitigation methods. cveagentscopedeserializationrcevulnerability https://www.fortra.com/security/advisories/product-security/fi-2025-012 Deserialization Vulnerability in GoAnywhere MFT's License Servlet deserializationvulnerabilitygoanywheremftlicense https://www.drupal.org/project/views_dynamic_fields/issues/3056600 Drupal module - Views Dynamic Fields - insecure deserialization [#3056600] | Drupal.org May 23, 2019 - Note: The description will be also posted on fulldisclosure mailing list. Drupal module - Views Dynamic Fields - insecure deserialization... drupal moduledynamic fieldsviewsinsecuredeserialization https://portswigger.net/bappstore/228336544ebe4e68824b5146dbbd93ae Java Deserialization Scanner - PortSwigger Performs active and passive scans to detect Java deserialization vulnerabilities. javadeserializationscannerportswigger https://portswigger.net/web-security/deserialization/exploiting/lab-deserialization-using-application-functionality-to-exploit-insecure-deserialization Lab: Using application functionality to exploit insecure deserialization | Web Security Academy This lab uses a serialization-based session mechanism. A certain feature invokes a dangerous method on data provided in a serialized object. To solve the ... web securitylabusingapplicationfunctionality https://www.openwall.com/lists/oss-security/2023/07/25/11 oss-security - CVE-2023-38647: Apache Helix: Deserialization vulnerability in Helix workflow and... https://openwall.com/lists/oss-security/2026/04/12/6 oss-security - CVE-2026-35337: Apache Storm Client: RCE through Unsafe Deserialization via Kerberos... https://www.sentinelone.com/vulnerability-database/cve-2024-30221/ CVE-2024-30221: Sunshine Photo Cart Deserialization Flaw CVE-2024-30221 is a deserialization vulnerability in Sunshine Photo Cart. Learn about its impact, affected versions, and mitigation methods. sunshine photo cartcvedeserializationflaw https://hashnode.com/posts/serialization-and-deserialization-in-js/69b7a480f4eb2f8b045f4b99 Discussion on "Serialization and Deserialization in JS" | Hashnode Discussion on "Serialization and Deserialization in JS". While the title and sub includes a lot of heavy Jargons throughout this blog I explain each one... discussionserializationjshashnode https://openwall.com/lists/oss-security/2026/02/27/4 oss-security - OSEC-2026-01 in the OCaml runtime: Buffer Over-Read in OCaml Marshal Deserialization https://www.mail-archive.com/issues@flink.apache.org/msg820770.html Re: [PR] [FLINK-39200][mysql] Skip insert/update/delete binlog deserialization of unsubscribed... https://typo3.org/security/advisory/typo3-core-sa-2019-026/ TYPO3-CORE-SA-2019-026: Insecure Deserialization in Query Generator & Query View - TYPO3 Project It has been discovered that TYPO3 CMS is vulnerable to insecure deserialization. https://www.sentinelone.com/vulnerability-database/cve-2026-35537/ CVE-2026-35537: Roundcube Webmail Deserialization Flaw CVE-2026-35537 is an unsafe deserialization vulnerability in Roundcube Webmail. Learn about its impact, affected versions, and mitigation methods. roundcube webmailcvedeserializationflaw https://www.sentinelone.com/vulnerability-database/cve-2024-24797/ CVE-2024-24797: ERE Recently Viewed Deserialization Flaw CVE-2024-24797 is a deserialization vulnerability in ERE Recently Viewed Essential Real Estate Add-On. Learn about its impact, affected versions, and fixes. recently viewedcveeredeserializationflaw https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00007 WatchGuard Firebox Insecure Deserialization in Fireware Access Portal | WatchGuard Technologies Mar 26, 2026 - An Insecure Deserialization vulnerability in WatchGuard Fireware OS allows an attacker that has obtained write access to the local filesystem through another... watchguard fireboxaccess portalinsecuredeserializationtechnologies https://www.sentinelone.com/vulnerability-database/cve-2024-9070/ CVE-2024-9070: BentoML Deserialization RCE Vulnerability CVE-2024-9070 is a deserialization RCE vulnerability in BentoML runner server. Learn about its impact, affected versions, and mitigation methods. cvebentomldeserializationrcevulnerability https://hackaday.com/tag/deserialization/ Deserialization | Hackaday deserializationhackaday https://www.telerik.com/forums/error-during-serialization-or-deserialization-using-the-json-javascriptserializer-the-length-of-the-string-exceeds-the-value-set-on-the-maxjsonlength- Error during serialization or deserialization using the JSON JavaScriptSerializer. The length of... Hello, I have a web application that uses RadTreeView control for displaying data. When displaying large amount of data, it throws following error: "Error du... errorserialization https://github.com/joaomatosf/jexboss GitHub - joaomatosf/jexboss: JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and... JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool - joaomatosf/jexboss githubjbossjavadeserializationvulnerabilities https://www.ibm.com/support/pages/node/7185949 Security Bulletin: Arbitrary QPY Execution in Qiskit SDK QPY Deserialization 13 A maliciously crafted QPY payload can potential execute arbitrary-code embedded in the payload without privilege escalation when deserialising QPY format... security bulletinarbitraryexecutionqiskitsdk https://www.huawei.com/en/psirt/security-advisories/2021/huawei-sa-20210619-01-injection-en Security Advisory - Deserialization Vulnerability in Huawei AnyOffice Product security advisorydeserializationvulnerabilityhuaweiproduct https://www.sonatype.com/blog/jackson-databind-the-end-of-the-blacklist How to Secure Jackson-Databind Deserialization Vulnerability Our October Nexus Intelligence Insight takes a second look at a popular component that's both a blessing and a curse to developers - jackson-databind. how tosecurejacksondeserializationvulnerability https://www.openwall.com/lists/oss-security/2025/11/19/1 oss-security - CVE-2025-64408: Apache Causeway: Java deserialization vulnerability to authenticated... https://www.codementor.io/xml-deserialization-experts Xml deserialization Expert Help Online (May 2026) - Codementor Get help from Xml deserialization experts in 6 minutes. Our on-demand, Xml deserialization experts are always ready to lend their expertise to you ASAP. expert helpxmldeserializationonlinemay https://www.exploit-db.com/exploits/41613 IBM WebSphere - RCE Java Deserialization (Metasploit) - Windows remote Exploit Mar 15, 2017 - IBM WebSphere - RCE Java Deserialization (Metasploit). CVE-2015-7450 . remote exploit for Windows platform ibm webspherewindows remotercejavadeserialization https://mail-archive.com/jobs@airflow.apache.org/msg88136.html [GH] (airflow/callable-deserialization-01-64609): Workflow run "Tests" failed! workflow runghairflowcallabledeserialization https://www.sentinelone.com/vulnerability-database/cve-2025-15610/ CVE-2025-15610: RightFax Deserialization Vulnerability CVE-2025-15610 is a deserialization vulnerability in OpenText RightFax. Learn about its impact, affected versions, and mitigation methods. cverightfaxdeserializationvulnerability https://www.hitachi.com/products/it/software/security/info/vuls/HS16-010/index.html Apache Commons Collections deserialization Vulnerability in Hitachi Command Suite: Software... The Software Vulnerability Information website provides security information about middleware offered by Hitachi. apache commonscollectionsdeserializationvulnerabilityhitachi https://www.digitalocean.com/community/tutorials/python-pickle-example?comment=177744 Python Pickle Example: A Guide to Serialization & Deserialization | DigitalOcean Learn Python pickle with clear examples: dump/load, protocols, secure unpickling practices, comparisons to json, and when (not) to use pickle. a guide topythonpickleexampleserialization https://snyk.io/blog/swift-deserialization-security-primer/ Swift deserialization security primer | Snyk Jul 18, 2023 - This blog will detail deserialization vulnerabilities in Swift that can occur when using the popular APIs, NScoding and NSSecureCoding, and how to prevent it... swiftdeserializationsecurityprimersnyk https://www.redhat.com/ko/blog/jdk-approach-address-deserialization-vulnerability JDK approach to address deserialization vulnerability Java Deserialization of untrusted data has been a security buzzword for the past couple of years with almost every application using native Java serialization... jdkapproachaddressdeserializationvulnerability https://snyk.io/blog/unsafe-deserialization-snakeyaml-java-cve-2022-1471/ Unsafe deserialization in SnakeYaml - Exploring CVE-2022-1471 | Snyk Dec 13, 2022 - SnakeYaml, a YAML 1.1 parser and emitter for Java, has been reported as vulnerable to CVE-2022-1471, a deserialization vulnerability that can lead to arbitrary... unsafedeserializationsnakeyamlexploringcve https://snyk.io/jp/blog/jackson-deserialization-vulnerability/ Jackson Deserialization Vulnerability | Snyk Aug 21, 2019 - On July 29th, 2019 a high severityDeserialization of Untrusted Data vulnerability (CVE-2019-14379,CVE-2019-14439) affecting all versions of... jacksondeserializationvulnerabilitysnyk https://www.mail-archive.com/issues@paimon.apache.org/msg27911.html Re: [PR] feat: implement BinaryRow deserialization for partition bytes [paimon-rust] prfeatimplement https://www.digitalocean.com/community/tutorials/python-pickle-example?comment=177749 Python Pickle Example: A Guide to Serialization & Deserialization | DigitalOcean Learn Python pickle with clear examples: dump/load, protocols, secure unpickling practices, comparisons to json, and when (not) to use pickle. a guide topythonpickleexampleserialization https://www.mail-archive.com/issues@flink.apache.org/msg820771.html Re: [PR] [FLINK-39200][mysql] Skip insert/update/delete binlog deserialization of unsubscribed... https://www.exploit-db.com/exploits/42394 Jenkins 1.650 - Java Deserialization - Java remote Exploit jenkinsjavadeserializationremoteexploit https://www.exploit-db.com/papers/47655 YAML Deserialization Attack in Python Nov 13, 2019 - YAML Deserialization Attack in Python yamldeserializationattackpython https://www.openwall.com/lists/oss-security/2025/12/18/2 oss-security - CVE-2025-66524: Apache NiFi: Deserialization of Untrusted Data in GetAsanaObject... https://metacpan.org/release/HEYTRAV/Hessian-Translator-1.01 Hessian-Translator-1.01 - Base class for Hessian serialization/deserialization. - metacpan.org Base class for Hessian serialization/deserialization. base classhessiantranslator https://noti.st/lu513n/sDPcEF/java-deserialization Java Deserialization javadeserialization https://www.mail-archive.com/issues@paimon.apache.org/msg27909.html Re: [PR] feat: implement BinaryRow deserialization for partition bytes [paimon-rust] prfeatimplement https://pub.dev/documentation/firestorm/latest/rdb_helpers_rdb_deserialization_helper/ rdb_deserialization_helper library - Dart API rdb_deserialization_helper library API docs, for the Dart programming language. rdbdeserializationhelperlibrarydart https://www.mail-archive.com/dev%40mina.apache.org/msg39312.html CVE-2022-45047: Apache MINA SSHD: Java unsafe deserialization vulnerability cveapacheminasshdjava https://www.sentinelone.com/vulnerability-database/cve-2026-40044/ CVE-2026-40044: Pachno Deserialization RCE Vulnerability CVE-2026-40044 is a deserialization RCE vulnerability in Pachno 1.0.6. Learn about its impact, affected versions, and mitigation methods. cvedeserializationrcevulnerability https://portswigger.net/web-security/deserialization/exploiting/lab-deserialization-exploiting-java-deserialization-with-apache-commons Lab: Exploiting Java deserialization with Apache Commons | Web Security Academy This lab uses a serialization-based session mechanism and loads the Apache Commons Collections library. Although you don't have source code access, you can ... apache commonsweb securitylabexploitingjava https://github.com/michiel/jsonapi-rust GitHub - michiel/jsonapi-rust: Rust library for serialization, deserialization and working with... Rust library for serialization, deserialization and working with JSON-API data - michiel/jsonapi-rust rust librarygithubmichieljsonapi https://www.digitalocean.com/community/tutorials/python-pickle-example?comment=177743 Python Pickle Example: A Guide to Serialization & Deserialization | DigitalOcean Learn Python pickle with clear examples: dump/load, protocols, secure unpickling practices, comparisons to json, and when (not) to use pickle. a guide topythonpickleexampleserialization https://www.mail-archive.com/issues@flink.apache.org/msg820772.html Re: [PR] [FLINK-39200][mysql] Skip insert/update/delete binlog deserialization of unsubscribed... https://www.mail-archive.com/announce@apache.org/msg07040.html CVE-2022-23302: Deserialization of untrusted data in JMSSink in Apache Log4j 1.x https://dev.to/pentest_testing_corp/prevent-insecure-deserialization-in-laravel-a-comprehensive-guide-1mcc Prevent Insecure Deserialization in Laravel: A Comprehensive Guide - DEV Community Introduction Insecure deserialization is a critical web application vulnerability that can... Tagged with cybersecurity, vulnerabilities, laravel, php. a comprehensive guidepreventinsecuredeserializationlaravel https://snyk.io/de/blog/jackson-deserialization-vulnerability/ Jackson Deserialization Vulnerability | Snyk Aug 21, 2019 - On July 29th, 2019 a high severityDeserialization of Untrusted Data vulnerability (CVE-2019-14379,CVE-2019-14439) affecting all versions of... jacksondeserializationvulnerabilitysnyk https://www.openwall.com/lists/oss-security/2025/12/09/1 oss-security - CVE-2025-26866: Apache HugeGraph-Server: RAFT and deserialization vulnerability apache hugegraph https://www.pluralsight.com/courses/specialized-testing-deserialization Specialized Testing: Deserialization specialized testingdeserialization https://openwall.com/lists/oss-security/2026/04/13/7 oss-security - CVE-2026-33858: Apache Airflow: Unsafe Deserialization via Legacy Serialization Keys... https://pickleescape.xyz/ Pickle Escape - Python Pickle Deserialization Security Challenge Python Pickle Deserialization Security Challenge - Can you escape the sandbox? pickleescapepythondeserializationsecurity https://www.paloaltonetworks.com/blog/tag/deserialization/ Deserialization Blogs | Palo Alto Networks Read the latest blogs and insights about Deserialization from Palo Alto Networks experts. palo altodeserializationblogsnetworks https://www.digitalocean.com/community/tutorials/python-pickle-example?comment=177750 Python Pickle Example: A Guide to Serialization & Deserialization | DigitalOcean Learn Python pickle with clear examples: dump/load, protocols, secure unpickling practices, comparisons to json, and when (not) to use pickle. a guide topythonpickleexampleserialization https://www.c-sharpcorner.com/topics/deserialization-of-a-class-in-a-file deserialization of a class in a file Resources a classdeserializationfileresources https://www.sentinelone.com/vulnerability-database/cve-2024-10553/ CVE-2024-10553: H2O Deserialization RCE Vulnerability CVE-2024-10553 is a deserialization RCE vulnerability in H2O REST API. Learn about its impact, affected versions, and mitigation methods. cvedeserializationrcevulnerability https://www.c-sharpcorner.com/article/json-serialization-and-deserialization-in-c-sharp2/ JSON Serialization and Deserialization in C# JSON serialization and deserialization in C#! Learn the ropes with Newtonsoft.Json (Json.NET) or the built-in System.Text.Json. Level up your data interchange... json serializationdeserializationc https://portswigger.net/web-security/deserialization Insecure deserialization | Web Security Academy In this section, we'll cover what insecure deserialization is and describe how it can potentially expose websites to high-severity attacks. We'll highlight ... web securityinsecuredeserializationacademy https://www.mail-archive.com/issues@flink.apache.org/msg820851.html Re: [PR] [FLINK-39200][mysql] Skip insert/update/delete binlog deserialization of unsubscribed... https://www.sentinelone.com/vulnerability-database/cve-2024-23513/ CVE-2024-23513: PropertyHive Deserialization Vulnerability CVE-2024-23513 is a deserialization vulnerability in PropertyHive through version 2.0.5. Learn about its impact, affected versions, and mitigation methods. cvedeserializationvulnerability