THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
Log in
Skip to sidebar
Skip to main content
Apache Software Foundation
Spaces
Hit enter to search
Help
Online Help
Keyboard Shortcuts
Feed Builder
What’s new
What’s new
Available Gadgets
About Confluence
Log in
OFBiz Project Open Wiki
Pages
Space shortcuts
How-to articles
Child pages
Keeping OFBiz secure
The infamous Java serialization vulnerability
Browse pages
Configure
Space tools
View Page
A
t
tachments (0)
Page History
Page Information
View in Hierarchy
View Source
Delete comments
Export to PDF
Export to Word
Copy Page Tree
Pages
…
Home
Documentation
Technical Documentation
Keeping OFBiz secure
The infamous Java serialization vulnerability
Page Information
Title:
The infamous Java serialization vulnerability
Author:
Jacques Le Roux
Feb 16, 2016
Last Changed by:
Jacques Le Roux
Apr 27, 2021
Tiny Link:
(useful for email)
https://cwiki-test.apache.org/confluence/x/ePmnAw
Export As:
Word
·
PDF
Incoming Links
OFBiz Project Open Wiki (2)
Page:
Keeping OFBiz secure
Page:
Distributed Entity Cache Clear (DCC) Mechanism
Hierarchy
Parent Page
Page:
Keeping OFBiz secure
Labels
Global Labels (2)
serialization
vulnerability
Recent Changes
Time
Editor
Apr 27, 2021 19:59
Jacques Le Roux
View Changes
Better deny list
Apr 27, 2021 19:55
Jacques Le Roux
View Changes
Better deny list
Mar 21, 2021 13:14
Jacques Le Roux
View Changes
With OFBIZ-12167 adds a deny list
May 02, 2020 07:51
Jacques Le Roux
View Changes
Update about ObjectInputStream
Sep 12, 2019 07:49
Jacques Le Roux
View Page History
Outgoing Links
External Links (5)
https://github.com/kantega/notsoserial
https://tersesystems.com/2015/11/08/closing-the-open-door-o…
https://www.owasp.org/index.php/Deserialization_of_untruste…
https://cwiki.apache.org/confluence/pages/viewpage.action?p…
foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-…
OFBiz Project Open Wiki (2)
Page:
OFBiz Attic
Page:
Apache OFBiz PMC Members and Committers
Overview
Content Tools
Apps
{"serverDuration": 104, "requestCorrelationId": "c5ec1ed134dd699e"}