Java Apocalypse - Deserialization Flaw

Proposals for I2P
Post Reply
anonymousmaybe
Posts: 35
Joined: 06 Oct 2018 17:06

Java Apocalypse - Deserialization Flaw

Post by anonymousmaybe »

Its better to check if I2P or any of its applications used by default effected by this flaw:

- Deserialization issues also affect Ruby, not just Java, PHP, and .NET
https://www.zdnet.com/article/deseriali ... p-and-net/

If I2P and all its applications happened to be safe from this attack , please announce that on I2P website. (common attacks or anywhere ...)
echelon
Posts: 261
Joined: 10 Feb 2018 13:36

Re: Java Apocalypse - Deserialization Flaw

Post by echelon »

Hi

the issue is 3 years old now, and as I2P itself does not use these functions, I2P itself is secure against this attacks, AFAIK.

We cannot talk for other apps, though.

echelon
Post Reply