CVE-2022-25845

Description from NVD

The package com.alibaba:fastjson before 1.2.83 is vulnerable to Deserialization of Untrusted Data by bypassing the default autoType shutdown restrictions, which is possible under certain conditions. Exploiting this vulnerability allows attacking remote servers. Workaround: If upgrading is not possible, you can enable [safeMode](https://github.com/alibaba/fastjson/wiki/fastjson_safemode).

Information Acquisition Date: 2022-06-17T14:54Z
CVSS 2.0: 0.0 None
CVSS 3.x: 8.1 HIGH

Software Tag: Apache(1 tweets) Java(2 tweets) Wordpress(2 tweets)



List of frequently cited URLs

| URL | Num of Times Referred to |
| --- | --- |
| https://cvetrends.com | 55 |
| https://jfrog.com/blog/cve-2022-25845-analyzing-the-fastjso... | 13 |
| https://thehackernews.com/2022/06/high-severity-rce-vulnera... | 9 |
| https://rssfeeds.cloudsite.builders/2022/06/14/cve-2022-258... | 4 |
| https://opsmtrs.com/3tbAFrI | 3 |

GitHub Search Results: Up to 10
Name | URL
No Data

2022/06/30 Score : 1
Added Har-sia Database : 2022/06/11
Last Modified : 2022/06/30
Highest Scored Date : 2022/06/16
Highest Score : 18