Vulnerability — CVE-2022-25845

CVE-2022-25845

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2022-25845
Description:: The package com.alibaba:fastjson before 1.2.83 are vulnerable to Deserialization of Untrusted Data by bypassing the default autoType shutdown restrictions, which is possible under certain conditions. Exploiting this vulnerability allows attacking remote servers. Workaround: If upgrading is not possible, you can enable [safeMode](https://github.com/alibaba/fastjson/wiki/fastjson_safemode).
Last updated date:: 02/23/2023

Type:: exploit
Confidence:: HIGH
Date of publishing:: 07/09/2022
Reference url to background: https://github.com/Expl0desploit/CVE-2022-25845

Type:: exploit
Confidence:: HIGH
Date of publishing:: 11/07/2024
Reference url to background: https://github.com/luelueking/CVE-2022-25845-In-Spring