In-Depth Java Deserialization Remote-Code Execution Exploits and Vulnerabilities
Nowadays, an increasing number of applications uses deserialization. This technique, based on rebuilding the instance of objects from serialized byte streams, can be dangerous since it can open the application to attacks such as remote code execution (RCE... (more…)
Read more »