IEEE

Improving Java Deserialization Gadget Chain Mining via Overriding-Guided Object Generation

Abstract: Java (de)serialization is prone to causing security-critical vulnerabilities that attackers can invoke existing methods (gadgets) on the application's classpath to construct a gadget chain ...
InfoQ

Java Explores Carrier Classes to Extend Data-Oriented Programming beyond Records

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
GitHub

Epic: Java Version Override Support in CI/CD

Enable building, testing, and releasing dotCMS with any Java version (e.g. 21, 25, 26+) without changing .sdkmanrc, while ensuring artifacts from different Java ...