{"id":13389897,"url":"https://github.com/Coalfire-Research/java-deserialization-exploits","last_synced_at":"2025-03-13T14:32:20.602Z","repository":{"id":43806223,"uuid":"60105475","full_name":"Coalfire-Research/java-deserialization-exploits","owner":"Coalfire-Research","description":"A collection of curated Java Deserialization Exploits","archived":false,"fork":false,"pushed_at":"2021-05-16T23:10:49.000Z","size":54002,"stargazers_count":594,"open_issues_count":3,"forks_count":219,"subscribers_count":41,"default_branch":"main","last_synced_at":"2025-03-09T01:49:57.584Z","etag":null,"topics":["cve","deserialization-rce","exploits","java"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Coalfire-Research.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-05-31T16:23:08.000Z","updated_at":"2025-03-08T00:35:43.000Z","dependencies_parsed_at":"2022-08-28T12:21:56.210Z","dependency_job_id":null,"html_url":"https://github.com/Coalfire-Research/java-deserialization-exploits","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Coalfire-Research%2Fjava-deserialization-exploits","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Coalfire-Research%2Fjava-deserialization-exploits/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Coalfire-Research%2Fjava-deserialization-exploits/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Coalfire-Research%2Fjava-deserialization-exploits/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Coalfire-Research","download_url":"https://codeload.github.com/Coalfire-Research/java-deserialization-exploits/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243422698,"owners_count":20288503,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cve","deserialization-rce","exploits","java"],"created_at":"2024-07-30T13:01:38.396Z","updated_at":"2025-03-13T14:32:15.581Z","avatar_url":"https://github.com/Coalfire-Research.png","language":"Python","readme":"# Java Deserialization Exploits\nA collection of curated Java Deserialization Exploits\n\nCurrently this repo contains exploits for the following vulnerabilities:\n\n- Cisco Prime Infrastructure Java Deserialization RCE (CVE-2016-1291)\n- IBM WebSphere Java Object Deserialization RCE (CVE-2015-7450)\n- OpenNMS Java Object Deserialization RCE (No CVE ?)\n- Jenkins CLI RMI Java Deserialization RCE (CVE-2015-8103)\n- Jenkins Groovy XML RCE (CVE-2016-0792)\n- Oracle WebLogic Server Java Object Deserialization RCE (CVE-2016-3510)\n- JBoss Java Deserialization RCE (CVE-2015-7501)\n","funding_links":[],"categories":["Python","Python (1887)"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FCoalfire-Research%2Fjava-deserialization-exploits","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FCoalfire-Research%2Fjava-deserialization-exploits","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FCoalfire-Research%2Fjava-deserialization-exploits/lists"}