Recommendations

FIO00-A. Validate user input

FIO01-A. Validate deserialized objects

Rules

FIO30-C. Create a copy of mutable inputs

FIO31-C. Do not serialize sensitive data

FIO32-C. Do not allow serialization and deserialization to bypass the Security Manager

Risk Assessment Summary

Recommendations

| Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
| --- | --- | --- | --- | --- | --- |
| FIO00-A | 1 (low) | 1 (unlikely) | 2 (medium) | P2 | L3 |

Rules

| Rules | Severity | Likelihood | Remediation Cost | Priority | Level |
| --- | --- | --- | --- | --- | --- |
| FIO30-C | 1 (low) | 1 (unlikely) | 2 (medium) | P2 | L3 |