Deserialization injections occur when applications deserialize wholly or
partially untrusted data without verification.