Statements (28)
Predicate | Object |
---|---|
gptkbp:instanceOf |
Security Vulnerability
|
gptkbp:affects |
Software Applications
|
gptkbp:cause |
gptkb:Privilege_Escalation
gptkb:Denial_of_Service gptkb:Authentication_Bypass Remote Code Execution Data Tampering |
gptkbp:commonIn |
.NET Applications
Java Applications PHP Applications Python Applications Ruby Applications |
gptkbp:describedBy |
gptkb:OWASP_Top_Ten
gptkb:CWE-502 |
gptkbp:detects |
gptkb:Dynamic_Application_Security_Testing
Static Code Analysis Manual Code Review |
gptkbp:exploits |
Malicious Payloads
|
gptkbp:firstDescribed |
Early 2000s
|
https://www.w3.org/2000/01/rdf-schema#label |
Insecure Deserialization
|
gptkbp:mitigatedBy |
Input Validation
Avoiding Native Deserialization Deserialization Whitelisting Integrity Checks |
gptkbp:requires |
User-supplied Serialized Data
|
gptkbp:riskFactor |
High
|
gptkbp:bfsParent |
gptkb:Software_and_Data_Integrity_Failures
|
gptkbp:bfsLayer |
6
|