Deserialization penetration and attack and defense (3) Apache Commons Collections deserialization vulnerability

Enterprise 2023-04-16 16:24:30 views: null

Java Apache Commons Collections deserialization vulnerability

Project address: Collections – Download Apache Commons Collections

Local reproduction environment:

  • jdk 1.7.0_80
  • IDEA Project Structure ——> Projrct is set to 1.7
  • IDEA Project Structure --> Moudles is set to 1.7
  • Settings——>Build,Execution,Deployment——>Compiler——>Java
    Compiler——>Target bytecode version设置成7
  • Apache Commons Collections ≤ 3.2.1

Introduction to Apache Commons Collections

Apache Commons Collections is a third-party basic library that extends the Collection structure of the Java standard library. It provides many powerful data structure types and implements various collection tool classes. As an important component of the Apache open source project, Commons Collections is widely used in the development of various Java applications

Commons Collection

Guess you like

Origin blog.csdn.net/qq_64973687/article/details/130145824
Recommended
Ranking
Linux关机和重启详解(shutdown、halt、poweroff、reboot、init)
Netty work notes 0007---NIO's three core component relationships
Knife4j tutorial
2021.10.29,内容:什么时候用接口和抽象类
How to solve the problem that changing the memory frequency causes the computer to become unusable?
SpringMVC Tutorial - Controller
linux learning skills -Linux 25 transport Vega paid special privileges and facl extension
Financial quarterly report evaluation report data automatic generation 1.0
Agile Development Series - The Values of Agile Development
scrapy achieve browsercookie Middleware
Daily
More
2024-05-19(0)
2024-05-18(31)
2024-05-17(6)
2024-05-16(23)
2024-05-15(5)
2024-05-14(9)
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)

Code World

© 2018 codetd.com