(0Day) Microsoft Exchange ChainedSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerability
Recently, Apache MINA fixed an unsafe deserialization vulnerability. The bug exists in the class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider, an attacker could exploit this vulnerability to deserialize and thus achieve remote code execution. Track as CVE-2022-45047, the flaw severity is important.