News

CSOonline3y
Java deserialization vulnerabilities explained and how to defend against them
Java provides a means to conveniently serialize data to maintain its integrity as it's sent over a network. Attackers can exploit vulnerabilities in the deserialization process if there aren't ...
ZDNet6y
Deserialization issues also affect Ruby, not just Java, PHP, and .NET
The Ruby programming language is impacted by a similar "deserialization issue" that has affected and wreaked havoc in the Java ecosystem in 2016; an issue that later also proved to be a problem ...
InfoQ9y
Remotely Exploitable Java Zero Day Exploits through Deserialization
A monthly overview of things you need to know as an architect or aspiring architect.
PC World9y
PayPal is the latest victim of Java deserialization bugs in Web apps
The vulnerability is part of a class of bugs that stem from Java object deserialization and which security researchers have warned about a year ago. In programming languages, serialization is the ...
adtmag.com6y
Oracle's Latest CPU Patches 3-Year-Old Deserialization Flaw
which is a Java deserialization vulnerability caused by the Apache Commons FileUpload dependency. Java object serialization is the process of converting an object into a stream of bytes for transport ...
CIO4mon
PayPal is the latest victim of Java deserialization bugs in Web apps
The vulnerability is part of a class of bugs that stem from Java object deserialization and which security researchers have warned about a year ago. In programming languages, serialization is the ...