VYPR

Sofa Hessian

by Softstack

CVEs (1)

  • CVE-2024-46983Sep 19, 2024
    risk 0.00cvss epss 0.01

    sofa-hessian is an internal improved version of Hessian3/4 powered by Ant Group CO., Ltd. The SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous classes for security protection. But there is a gadget chain that can bypass the…