Execute commands by sending JSON? Learn how unsafe deserialization vulnerabilities work in Ruby projects

Can an attacker execute arbitrary commands on a remote server just by sending JSON? Yes, if the running code contains unsafe deserialization vulnerabilities. But how is that possible? In this blog post, we’ll describe how unsafe deserialization vulnerabilities work and how you can detect them in Ruby projects.

The post Execute commands by sending JSON? Learn how unsafe deserialization vulnerabilities work in Ruby projects appeared first on The GitHub Blog.

Posted from: this blog via Microsoft Power Automate.

Hot Posts

Execute commands by sending JSON? Learn how unsafe deserialization vulnerabilities work in Ruby projects

Posted by Types Digital Programming

Popular Post

Amazon Clinic is now Amazon One Medical’s Pay-per-visit telehealth service—here’s what it means for our customers

Attack of the clones: Getting RCE in Chrome’s renderer with duplicate object properties

Lambda Sorted in Python – How to Lambda Sort a List

Fine-tuning Florence-2 - Microsoft's Cutting-edge Vision Language Models

Twitter

Subscribe Us

Subscribe Us

Most Popular

Amazon Clinic is now Amazon One Medical’s Pay-per-visit telehealth service—here’s what it means for our customers

Attack of the clones: Getting RCE in Chrome’s renderer with duplicate object properties

Lambda Sorted in Python – How to Lambda Sort a List

Fine-tuning Florence-2 - Microsoft's Cutting-edge Vision Language Models

I lead HR at Amazon. Here are 3 career-building tips based on the company's Leadership Principles

XLSCOUT Unveils ParaEmbed 2.0: a Powerful Embedding Model Tailored for Patents and IP with Expert Support from Hugging Face

Beginner’s guide to GitHub repositories: How to create your first repo

Closing vulnerabilities in Decidim, a Ruby-based citizen participation platform

AWS can help reduce the carbon footprint of AI workloads by up to 99%. Here’s how.

I get paid to break Kindle devices. These are 10 of the stress tests my team runs on prototypes before a new device hits shelves.

Facebook

Tags

Categories

Tags

About Me

Search This Blog

Metrocool AXI

Random Posts

Popular Posts

Amazon Clinic is now Amazon One Medical’s Pay-per-visit telehealth service—here’s what it means for our customers

Attack of the clones: Getting RCE in Chrome’s renderer with duplicate object properties

Lambda Sorted in Python – How to Lambda Sort a List

Footer Menu Widget

Contact form

Hot Posts

Execute commands by sending JSON? Learn how unsafe deserialization vulnerabilities work in Ruby projects

Posted by Types Digital Programming

You may like these posts

Popular Post

Twitter

Subscribe Us

Social Plugin

Subscribe Us

Most Popular

Facebook

Tags

Categories

Tags

About Me

Search This Blog

Metrocool AXI

Random Posts

Popular Posts

Footer Menu Widget

Contact form