CSOonline

Java deserialization vulnerabilities explained and how to defend against them

Java provides a means to conveniently serialize data to maintain its integrity as it's sent over a network. Attackers can exploit vulnerabilities in the deserialization process if there aren't ...
Visual Studio Magazine

Serialize Arrays and ArrayLists to XML

The XmlSerializer class provides a great way to convert (serialize) objects to XML and back (deserialize). However, it can be difficult to serialize collections such as Arrays and ArrayLists properly ...
adtmag.com

Removing Serialization from Java Is a 'Long-Term Goal' at Oracle

Oracle's chief architect says his company intends to remove serialization from Java -- eventually. Answering a question during a live-streamed session at the recent Devoxx UK 2018 conference called ...
InfoWorld

Ensure proper version control for serialized objects

Java’s Serializable interface provides an easy-to-use programming interface for converting between a runtime object and a byte stream. Serialization involves mapping a runtime object or an object ...