writeups.xyz / Detecting Jackson deserialization vulnerabilities with CodeQL

Submitter : c2a

Date: 2 August 2021

Bounty : 4,500

Vulnerabilities :

• Insecure Deserialization

Programs :

• GitHub

Authors :

• Artem Smotrakov (@Artem_smotrakov)

Link :
https://blog.gypsyengineer.com/en/security/detecting-jackson-deserialization-vulnerabilities-with-codeql.html