Restricting Incoming Serialized Java Objects to Oracle WebLogic Server - New with WLS PSUs
(Doc ID 2421487.1)
Last updated on AUGUST 26, 2019
Oracle WebLogic Server - Version 10.3.6 and later Information in this document applies to any platform.
- Note this document may be updated with a PSU release. Check back when applying the next PSU and look for updates
- For example, January 2019 has an updated blacklist and updated serialFilterScope. July 2019 added a blacklist item
This document provided information to help you restrict incoming serialized Java objects as part of a security best practice or hardening recommendation for Oracle WebLogic Server (WLS).
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!