Serialization and deserialization in Java: explaining the Java deserialize vulnerability
5y agoen
Source
Java serialization —and deserialization in particular — is known as “the gift that keeps on giving” because it has produced many security issues and vulnerabilities over the years.
You might also wanna read
Understanding Deserialization Attacks
Packetlabs·1y ago
Why Java developers should care about the hidden cost of every byte in their classes
The article discusses how Java developers often overlook the performance cost of adding fields to classes, focusing instead on asymptotic al
Re-examining the 'Billion Dollar Mistake': Why Null Pointers Are Not the Primary Memory Safety Problem
The article challenges the conventional wisdom about null pointers being a 'Billion Dollar Mistake' by Tony Hoare. It argues that null point
Microsoft releases critical security patch for SharePoint deserialization vulnerability
Microsoft has released May updates for SharePoint servers that patch a highly critical security vulnerability (CVE-2026-45659, CVSS 8.8). Th
The Fundamental Flaw in Programming Languages: Data vs Objects and Design Limitations
The article critiques modern programming languages for failing to support good design decisions, particularly in distinguishing between data
Technical Analysis: Why SocketAddrV6 Fails Roundtrip Serialization in Rust
The article details a technical investigation into a serialization bug involving IPv6 addresses in Rust programming. The issue arose when a

Comments
Sign in to join the conversation.
No comments yet. Be the first.