Tag: FastJson

Cybersecurity Threat Advisory: FastJson versions vulnerable to deserialization

A new version of FastJson has been released and has patched a vulnerability which allows malicious actors to utilize “AutoTypeCheck” mechanism and achieve remote code execution in FastJson. All Java applications that pass user-controlled data to either the JSON.parse or...