Tag Archives: commons-collections

Deserialization - Featured Image

The Latest Victim of Deserialization-Gate

The Latest Victim of Deserialization-Gate

Last week the world was hit with what can be awarded the Vulnerability Of The Day for Java – the commons-collections deserialization vulnerability. The latest victim of the continued series of vulnerabilities comes from the Spring project with an implicating class that allows the same unsafe deserialisation vector in the spring-core. What makes this issue particularly

Top