November 2015

« October 2015 | Main Index | Archives | December 2015 »

9
Nov
2015

The Java Deserialization Bug

Arbitrary object deserialization (or marshalling, or un-pickling, whatever your language calls it) is inherently unsafe, and should never be performed on untrusted data.
« October 2015 | Main Index | Archives | December 2015 »