CVE-2021-25738| j0vsec
If you want to get in touch with me, you can send me a DM on Twitter or send me an email at j0vsec[@]protonmail.com.
What's insecure deserialization and how can it lead to insecure scenarios and even remote code execution?
Firebase is a startup which was founded in 2011. In 2014 Google acquired Firebase and since then the feature set of Firebase has become bigger and bigger. It contains features and APIs like databases, remote configuration, serverless functions, hosting, authentication and even machine learning. All these functions are really simple to implement by using the SDKs which they provide in many programming languages. The number of organisations which are using Firebase in their software is also gro...
Welcome to my brand new site. Currently, there’s not much here, but I’m working on some content. I want to publish some write-ups about my findings and security and development research here. So keep an eye open for further updates!
CVEs: CVE-2021-25738 - Unsafe deserialization in Kubernetes Java client (MITRE; Blog post j0vsec.com; Official announcement GitHub project). CVE-2021-43798 - Grafana path traversal (MITRE; Blog post j0vsec.com; Article Grafana blog; Article The Daily Swig; Article Detectify Labs). CVE-2021-4178 - Unsafe deserialization in Fabric8 Kubernetes client (MITRE; Bugzilla Red Hat; Red Hat CVE page; GitHub project). CVE-2022-4230 - Authenticated SQL injection in WP Statistics (MITRE; WPScan page). Acknowledgments Apple eBa...
Hi there 👋🏻! My name is Jordy Versmissen; on the internet I use the name ‘j0v’. I’m a software developer and ethical hacker by day and a bug bounty hunter by night. As a bug bounty hunter I try to find vulnerabilities in websites and online systems and I report my findings to the company so they can fix them. Currently I’m active on the HackerOne and Intigriti platforms; you can find my profiles here:
Analysis and detection of CVE-2021-43798