Uncovering Memory Defects In Cereal (CVE 2020-11104 & CVE-2020-11105)
ForAllSecure
MAY 26, 2020
Cereal supports serialization/deserialization for three basic archive types: binary, XML, and JSON. Two CVEs: CVE-2020-11104 and CVE-2020-11105. They were both reported in March 2020 to the cereal developers as part of our responsible disclosure. Watch EP 02 See TV Guide. n.serialize(archive); return 0; }.
Let's personalize your content