Statements (23)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf | gptkb:Common_Weakness_Enumeration |
| gptkbp:affects | Applications that deserialize data |
| gptkbp:category | Software Weakness |
| gptkbp:cause | gptkb:Denial_of_Service; gptkb:Security_Bypass; Remote Code Execution |
| gptkbp:describes | Deserialization of data from untrusted sources without proper validation |
| gptkbp:documentedIn | gptkb:MITRE |
| gptkbp:example | gptkb:Java_deserialization_vulnerability; gptkb:Python_pickle_deserialization_vulnerability |
| gptkbp:externalLink | https://cwe.mitre.org/data/definitions/502.html |
| gptkbp:mitigatedBy | Avoid deserializing data from untrusted sources; Implement integrity checks; Use safe serialization formats; Validate and sanitize all serialized data |
| gptkbp:name | Deserialization of Untrusted Data |
| gptkbp:partOf | gptkb:CWE_Top_25_Most_Dangerous_Software_Weaknesses |
| gptkbp:relatedTo | gptkb:Insecure_Deserialization |
| gptkbp:vulnerableTo | 502 |
| gptkbp:bfsParent | gptkb:CWE; gptkb:CVE-2021-44228 |
| gptkbp:bfsLayer | 7 |
| https://www.w3.org/2000/01/rdf-schema#label | CWE-502 |