|
|
|
|
|
|
by yjk
1404 days ago
|
|
|
> Meanwhile in Java world, with strict typing, you have egregious vulnerabilities like log4shell, amongst others (https://java-0day.com/). The website doesn't seem to be up to date. I haven't looked deeply into log4shell/spring4shell, but my impression is that they were not related to typing (input validation for log4shell, at least). Maybe this was the point you were trying to make, but these vulnerabilities don't seem too relevant to type system. |
|
|