Serialization and Deserialization in Python Code

News

Deserialization issues also affect Ruby, not just Java, PHP, and .NET

The Ruby programming language is impacted by a similar "deserialization issue" that has affected and wreaked havoc in the Java ecosystem in 2016; an issue that later also proved to be a problem ...

CSOonline4mon

Attackers hide malicious code in Hugging Face AI model Pickle files

or in Python terminology: pickling and unpickling. The process of serialization and deserialization, especially of input from untrusted sources, has been the cause of many remote code execution ...

CSOonline3y

Java deserialization vulnerabilities explained and how to defend against them

Java provides a means to conveniently serialize data ... attackers execute arbitrary code on vulnerable servers. The cause of the vulnerability? Unsafe deserialization and exposed ports.

ZDNet9y

IBM discovers Android serialization vulnerability allows arbitrary code execution

IBM's x-force application security research team has discovered a security vulnerability in the way that Android handles deserialization ... serialization process. "Since the generated vulnerable ...

PC World9y

PayPal is the latest victim of Java deserialization bugs in Web apps

The vulnerability is part of a class of bugs that stem from Java object deserialization and which security researchers have warned about a year ago. In programming languages, serialization is the ...

Results that may be inaccessible to you are currently showing.

Hide inaccessible results