IEEE

Improving Java Deserialization Gadget Chain Mining via Overriding-Guided Object Generation

Abstract: Java (de)serialization is prone to causing security-critical vulnerabilities that attackers can invoke existing methods (gadgets) on the application's classpath to construct a gadget chain ...
TheServerSide

Five ways to fix the 'no persistence.xml file found' error in Eclipse

Community driven content discussing all aspects of software development from DevOps to design patterns. The hardest part about learning Hibernate and JPA 3 is how to get your first project up and ...
GitHub

Java Classpath Broken #207

Something must have changed with a recent update because it used to parse the classpath parameter correctly without the need to enclose it in a call to cygpath. It would be nice if JRE for Windows ...
GitHub

StaticHandler disclosure of classpath resources on Windows when mounted on a wildcard route

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...
InfoWorld

Gradle upgrade builds Java apps faster for Android

Gradle, the build system of choice for Android mobile development, has been upgraded with better support for building Java applications. Gradle 3.4 offers fast incremental results and “the end of ...
InfoWorld

Locating The Classpath Definition Used in Java Code

In a previous blog posting, I listed some “everyday problems” Java developers will often face and included some ideas and links related to addressing these issues. One of the focal points of that post ...