1.2.38

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-10	CVE-2022-25845	Deserialization of Untrusted Data vulnerability in multiple products The package com.alibaba:fastjson before 1.2.83 are vulnerable to Deserialization of Untrusted Data by bypassing the default autoType shutdown restrictions, which is possible under certain conditions. network low complexity alibaba oracle CWE-502 critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.