Versions Compared

Comment: moved to Serialization (SER)

Recommendations

FIO00-J. Validate deserialized objects (Reserved)

FIO01-J. Canonicalize path names originating from untrusted sources

...

FIO31-J. Create a copy of mutable inputs

FIO32-J. Do not serialize sensitive data (Reserved)

FIO33-J. Do not allow serialization and deserialization to bypass the Security Manager (Reserved)

FIO34-J. Ensure all resources are properly closed when they are no longer needed

...
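The two rules in the list above that are most often mishandled in practice are FIO01-J and FIO34-J, so here is an added example (not code from the CERT standard itself) that applies both: an untrusted file name is resolved under a fixed base directory, canonicalized with toRealPath() so that "..", redundant separators and symbolic links are resolved before the containment check, and the file is then read inside try-with-resources so the stream is closed on every exit path. The class name SafeFileReader, the temporary fixture built in main, and the attack strings are assumptions made for this illustration.

```java
import java.io.BufferedReader;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;

/**
 * Serves files from a single base directory to untrusted callers.
 * Path handling follows FIO01-J (canonicalize, then check) and
 * resource handling follows FIO34-J (close streams deterministically).
 * Illustrative class; not part of the CERT standard.
 */
public final class SafeFileReader {

    private final Path baseDir;

    SafeFileReader(Path baseDir) throws IOException {
        // Canonicalize the base once, so the later prefix comparison is
        // between two fully resolved paths (e.g. /tmp vs /private/tmp on macOS).
        this.baseDir = baseDir.toRealPath();
    }

    /**
     * FIO01-J: resolve the untrusted name under the base directory,
     * canonicalize the result, and only then check containment.
     * Checking the raw string would miss "..", "./" and symbolic links.
     */
    Path resolve(String untrusted) throws IOException {
        Path candidate = baseDir.resolve(untrusted);
        // toRealPath() follows symbolic links and collapses ".." against the
        // real directory tree; it throws NoSuchFileException if the target is missing.
        Path real = candidate.toRealPath();
        // Path.startsWith compares whole name elements, so for base "/srv/public"
        // the sibling "/srv/public2" is rejected as well.
        if (!real.startsWith(baseDir)) {
            throw new IllegalArgumentException("path escapes base directory: " + untrusted);
        }
        return real;
    }

    /**
     * FIO34-J: try-with-resources closes the reader on every exit path,
     * including an exception thrown in the middle of reading.
     */
    String read(String untrusted) throws IOException {
        Path file = resolve(untrusted);
        StringBuilder out = new StringBuilder();
        try (BufferedReader in = Files.newBufferedReader(file, StandardCharsets.UTF_8)) {
            String line;
            while ((line = in.readLine()) != null) {
                out.append(line).append('\n');
            }
        }
        return out.toString();
    }

    public static void main(String[] args) throws IOException {
        // Constructed fixture: a base directory with one allowed file, a secret
        // file outside it, and a symlink inside the base pointing at the secret.
        // (Creating the symlink needs the symlink privilege on Windows.)
        Path root = Files.createTempDirectory("fio01");
        Path pub = Files.createDirectory(root.resolve("public"));
        Files.write(pub.resolve("index.txt"), "hello\n".getBytes(StandardCharsets.UTF_8));
        Path secret = root.resolve("secret.txt");
        Files.write(secret, "top secret\n".getBytes(StandardCharsets.UTF_8));
        Files.createSymbolicLink(pub.resolve("leak"), secret);

        SafeFileReader reader = new SafeFileReader(pub);
        System.out.print(reader.read("index.txt"));   // allowed: inside the base

        String[] attacks = { "../secret.txt", "./../secret.txt", "leak" };
        for (String a : attacks) {
            try {
                reader.read(a);
                System.out.println("UNEXPECTED: " + a + " was served");
            } catch (IllegalArgumentException | IOException e) {
                System.out.println("rejected " + a + ": " + e.getMessage());
            }
        }
    }
}
```

The order matters: canonicalizing first and comparing afterwards is what makes the symlink case ("leak") fail the check, because the link is replaced by its target before startsWith runs. A string-prefix test on the un-canonicalized path would accept all three attack inputs.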

In this version comparison, a cell that shows a value followed by TODO had that value replaced by TODO in the newer revision (these rows correspond to the entries marked Reserved above); rows that are entirely TODO have not yet been assessed.

Recommendation   Severity      Likelihood      Remediation Cost   Priority   Level
FIO00-J          medium TODO   probable TODO   high TODO          P4 TODO    L3 TODO
FIO01-J          medium        unlikely        medium             P4         L3
FIO02-J          medium        unlikely        medium             P4         L3
FIO03-J          low           unlikely        medium             P2         L3
FIO04-J          TODO          TODO            TODO               TODO       TODO
FIO05-J          TODO          TODO            TODO               TODO       TODO
FIO06-J          medium        probable        high               P4         L3
FIO07-J          medium        probable        high               P4         L3

...

Rules

Rule      Severity      Likelihood      Remediation Cost   Priority   Level
FIO30-J   TODO          TODO            TODO               TODO       TODO
FIO31-J   medium        probable        high               P4         L3
FIO32-J   medium TODO   likely TODO     high TODO          P6 TODO    L2 TODO
FIO33-J   high TODO     probable TODO   high TODO          P6 TODO    L2 TODO
FIO34-J   low           probable        medium             P4         L3
FIO35-J   medium        unlikely        medium             P4         L3
FIO36-J   high          probable        medium             P12        L1
FIO37-J   medium        probable        high               P4         L3

...