Labelled content

This list shows content tagged with the following label:

To add a label to the list of required labels, choose '+ labelname' from Related Labels.

Page:
SER13-J. Deserialization methods should not perform potentially dangerous operations (SEI CERT Oracle Coding Standard for Java)
Oct 06, 2016 • David Svoboda
- ser
- rule
Page:
SER12-J. Prevent deserialization of untrusted data (SEI CERT Oracle Coding Standard for Java)
Nov 11, 2015 • Will Klieber
- ser
- rule
Page:
SER09-J. Do not invoke overridable methods from the readObject() method (SEI CERT Oracle Coding Standard for Java)
Oct 09, 2009 • Dhruv Mohindra
Page:
SER01-J. Do not deviate from the proper signatures of serialization methods (SEI CERT Oracle Coding Standard for Java)
Sep 07, 2009 • Dhruv Mohindra
Page:
SER08-J. Minimize privileges before deserializing from a privileged context (SEI CERT Oracle Coding Standard for Java)
Jul 22, 2009 • Dhruv Mohindra
Page:
SER07-J. Do not use the default serialized form for classes with implementation-defined invariants (SEI CERT Oracle Coding Standard for Java)
Mar 03, 2009 • Dhruv Mohindra
Page:
SER11-J. Prevent overwriting of externalizable objects (SEI CERT Oracle Coding Standard for Java)
Mar 03, 2009 • Dhruv Mohindra
Page:
SER06-J. Make defensive copies of private mutable components during deserialization (SEI CERT Oracle Coding Standard for Java)
Mar 02, 2009 • Dhruv Mohindra
Page:
SER10-J. Avoid memory and resource leaks during serialization (SEI CERT Oracle Coding Standard for Java)
Mar 01, 2009 • Dhruv Mohindra
Page:
SER05-J. Do not serialize instances of inner classes (SEI CERT Oracle Coding Standard for Java)
Feb 28, 2009 • Dhruv Mohindra