Title: The infamous Java serialization vulnerability  
Author: Jacques Le Roux Feb 16, 2016
Last Changed by: Jacques Le Roux Apr 27, 2021
Tiny Link: (useful for email) https://cwiki-test.apache.org/confluence/x/ePmnAw
Export As: Word · PDF  
Incoming Links
OFBiz Project Open Wiki (2)
    Page: Keeping OFBiz secure
    Page: Distributed Entity Cache Clear (DCC) Mechanism
Hierarchy
Parent Page
    Page: Keeping OFBiz secure
Labels
Global Labels (2)
Recent Changes
Time Editor  
Apr 27, 2021 19:59 Jacques Le Roux View Changes
Better deny list
Apr 27, 2021 19:55 Jacques Le Roux View Changes
Better deny list
Mar 21, 2021 13:14 Jacques Le Roux View Changes
With OFBIZ-12167 adds a deny list
May 02, 2020 07:51 Jacques Le Roux View Changes
Update about ObjectInputStream
Sep 12, 2019 07:49 Jacques Le Roux  
Outgoing Links
External Links (5)
    https://github.com/kantega/notsoserial
    https://tersesystems.com/2015/11/08/closing-the-open-door-o…
    https://www.owasp.org/index.php/Deserialization_of_untruste…
    https://cwiki.apache.org/confluence/pages/viewpage.action?p…
    foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-…
OFBiz Project Open Wiki (2)     Page: OFBiz Attic
    Page: Apache OFBiz PMC Members and Committers