CVE-2015-6420

example-java-maven Example Java (maven) repository containing fake data with vulnerable dependencies There is at least one vulnerable dependency in this repository: CVE-2015-6420: Vulnerability in Java Deserialization (webnvdnistgov/view/vuln/detail?vulnId=CVE-2015-6420) Run OWASP Dependency Check Maven Plugin mvn orgowasp:dependency-check-maven:check

proof-of-concept demonstration of unsafe object deserialization

Jvm Reverse Shell A proof-of-concept demonstration of unsafe Jvm object deserialization (CVE-2015-6420) This repository contains three standalone projects: payload-generator, our program that generates a serial binary payloadser containing the serialized malicious object (reverse shell backend) The file is ready-to-deploy victim, our victim server Vulnerable to CVE-2015-64

An automatic program repair tool for Android applications

apkRepair 这是一款可以对安卓应用程序apk安装包进行Java第三方库漏洞检测并自动修复的工具 Introduction 安卓目前是全球第一大智能手机操作系统，拥有丰富的应用程序。同时这些应用程序也越来越复杂，安卓应用程序发开人员为了简化发开流程往往会使用大量的第三方代码库来丰富应用程�

extraction of bytecode changes related to security patches

JPatch collect CVEs recorded in the sap-project-kb project, this will have patch commits, incl the actual sources that have been changed then look up version ranges, using GHSA API (or if this does not work, snyk or NVD) Open: need to map CVEs to GHSA id for query Possibilities: Clone githubcom/github/advisory-database/ and then get info from JSON entries , look fo

Example Java (maven) repository containing fake data with vulnerable dependencies

example-java-maven Example Java (maven) repository containing fake data with vulnerable dependencies There is at least one vulnerable dependency in this repository: CVE-2015-6420: Vulnerability in Java Deserialization (webnvdnistgov/view/vuln/detail?vulnId=CVE-2015-6420) Run OWASP Dependency Check Maven Plugin mvn orgowasp:dependency-check-maven:check