Deserialization Bugs in the Wild
A totally unscientific analysis of deserialization vulns found in the wild
What is insecure deserialization?
Serialization is the process by which an object in a programming language (say, a Java object) is converted into a format that can be saved to a database or transferred over a network. Whereas…