the tl;dr of this is: even oracle doesn't know how to use java safetly (?) https://www.computest.nl/advisories/CT-2017-0425_MySQL-Connector-J.txt …
I don't know them well enough to say; maybe they do better. "Every" was of course an overstatement without further research.
-
-
IIRC this sort of "hidden eval" in deserialization and the like is a pattern I've seen in several higher level OO langs.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.