Blog: The blog of a gypsy engineer


Detecting Jakarta Expression Language injections with CodeQL
Recently I wrote a post about detecting JEXL injections with CodeQL. JEXL is a library that provides an interpreter for a simple expression ...
7
15-04-2021 00:59:03 The blog of a gypsy engineer Advanced
WS-2016-7107: CSRF tokens in Spring and the BREACH attack
Recently WhiteSource security scanner started reporting WS-2016-7107 against Spring-based applications. This is an old issue that was report...
0
14-04-2021 18:09:22 The blog of a gypsy engineer Advanced
Detecting dangerous Spring service exporters with CodeQL
In this blog post, I'll talk about detecting unsafe Spring Exporters with a CodeQL query. First, I'll describe the issue that received CVE-2...
15
25-03-2021 14:30:20 The blog of a gypsy engineer Advanced
Fosstars: a framework for defining ratings for open source projects
I recently wrote a blog post about a project I have been working on at SAP for a year. The project is called Fosstars. It is an open-source ...
0
23-03-2021 15:30:48 The blog of a gypsy engineer Advanced
Detecting JEXL injections with CodeQL
In this post, I'll talk about a CodeQL query for detecting JEXL Expression Language injection vulnerabilities. First, I'll give a brief over...
9
21-02-2021 13:20:52 The blog of a gypsy engineer Advanced
Reading a photoresistor on ESP32 with MicroPython
A photoresistor or a light-dependent resistor (LDR) is a resistor that changes its value (resistance) depending on light intensity. More pre...
4
10-01-2021 14:49:30 The blog of a gypsy engineer Advanced
Measuring CO2 with MH-Z19B on ESP32
In the previous posts, I described a simple weather station that measures temperature and humidity and sends the measurements to a Google sh...
4
01-01-2021 20:05:46 The blog of a gypsy engineer Advanced
New Switch Expressions in Java 14
Java 14 is going to be released on March 17, 2020. The new version of Java contains one major update to the Java language: new switch expres...
3
07-03-2020 22:56:16 The blog of a gypsy engineer Advanced
What is new in Java 14?
Java 14 is going to be released on Mar 17th, 2020. Besides 2400 bug fixes and small enhancements, the new version of Java contains 16 major ...
9
09-02-2020 20:24:20 The blog of a gypsy engineer Advanced
CVE-2020-1925: Requests to arbitrary URLs in Apache Olingo
Some time ago I wrote about unsafe deserialization and DoS vulnerabilities I've discovered in Apache Olingo. This post describes one more is...
10
26-01-2020 18:48:12 The blog of a gypsy engineer Advanced


© Jiri Pinkas

Top Java Blogs is a Java blog aggregator (with English-written blogs only) focused on Java SE, Java EE, Spring Framework and Hibernate.
