CVEs-PoC/2020/CVE-2020-9493.md

### [CVE-2020-9493](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9493)
![](https://img.shields.io/static/v1?label=Product&message=Apache%20Chainsaw&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=Apache%20Chainsaw%3C%202.1.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%20Deserialization%20of%20Untrusted%20Data&color=brighgreen)

### Description

A deserialization flaw was found in Apache Chainsaw versions prior to 2.1.0 which could lead to malicious code execution.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/GavinStevensHoboken/log4j
- https://github.com/OWASP/www-project-ide-vulscanner
- https://github.com/RihanaDave/logging-log4j1-main
- https://github.com/albert-liu435/logging-log4j-1_2_17
- https://github.com/apache/logging-log4j1
- https://github.com/jjtroberts/dso-argo-workflow
- https://github.com/whitesource/log4j-detect-distribution