Tag: FastJson
Cybersecurity Threat Advisory: FastJson versions vulnerable to deserialization
Cybersecurity Threat Advisory: FastJson versions vulnerable to deserialization
A new version of FastJson has been released and has patched a vulnerability which allows malicious actors to utilize “AutoTypeCheck” mechanism and achieve remote code execution in FastJson. All Java applications that pass user-controlled data to either the JSON.parse or...