Why Are Deserialization Vulnerabilities So Popular?

7 years ago

In 2017, around 60 remote code execution (RCE) deserialization vulnerabilities were reported, not including deserialization issues that only impact the availability of a system (Denial-of-Service), according to cvedetails.com. To date, in 2018, more than 80 such vulnerabilities have been reported. In the past, WebLogic, Oracle’s Enterprise Java application server, has been extensively patched against deserialization issues.

The latest October 2018 Oracle Critical Patch Update (CPU) fixes another series of deserialization issues in WebLogic.

Because of this, I am often asked why Java deserialization vulnerabilities are being discovered so frequently? Is there a fun…
DZone Security Zone

Written By

Pavlos Papadopoulos

TheLatestTechNews, the go-to platform for all the latest in the world of technology. Our website brings you up-to-date information on the latest and greatest in the technological sphere, from software updates and gadget releases to breakthroughs in science and space exploration.

Tech content on this site may include contributed articles and partnerships with industry voices. Learn more in our Editorial Policy.

Comments

Why Are Deserialization Vulnerabilities So Popular?

Written By

Pavlos Papadopoulos

Leave a Reply Cancel reply

More Recent Posts

How to Convert OLM emails to MSG format | Verified Solutions

How Hutfin Leverages AI Tools to Bring Smarter Real Estate Investing to Tech Fans

Convert VCF to vCard Contact File Without Losing Data

Why Cloud Solutions in Mumbai Are Transforming Digital Growth for Enterprises

Top WooCommerce Open Pricing Plugins for Flexible Product Pricing