The Ruby programming language is impacted by a similar "deserialization issue" that has affected and wreaked havoc in the Java ecosystem in 2016; an issue that later also proved to be a problem for ...

In this article we discuss a recent deserialization vulnerability we found in Relution (CVE-2023-48178), a mobile device management product that is popular among multinational German corporations. CVE ...

A recent blog post by FoxGlove Security that described remotely executable exploits against several major middleware products including WebSphere, WebLogic, and JBoss has focused attention on what ...

That particular Java deserialization flaw was so dangerous that Google engineers banded together in their free time to repair open-source Java libraries and limit the flaw's reach, patching over 2,600 ...

The .NET ecosystem is affected by a similar flaw that has wreaked havoc among Java apps and developers in 2016. The flaw is in how .NET coding libraries handle deserialization operations, leading to ...

Abstract: Java is one of the preferred options of modern developers and has become increasingly more prominent with the prevalence of the open-source culture. Thanks to the serialization and ...

Java Deserialization Scanner is a Burp Suite plugin aimed at adding active and passive detection of Java deserialization issues. It was written by Federico Dotta, a Security Expert at @ ...