CVEs-PoC/2016/CVE-2016-9606.md at main

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-02-26 07:33:24 +00:00

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

1.1 KiB

Raw Permalink Blame History

CVE-2016-9606

Description

JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permissions.

POC

Reference

No PoCs from references.

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/AdeliaNitzsche/Java-Deserialization-Cheat-Sheet
https://github.com/BrittanyKuhn/javascript-tutorial
https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet
https://github.com/PalindromeLabs/Java-Deserialization-CVEs
https://github.com/klausware/Java-Deserialization-Cheat-Sheet
https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet

1.1 KiB Raw Permalink Blame History

CVE-2016-9606

Description

POC

Reference

Github

1.1 KiB

Raw Permalink Blame History