Deserialization of Untrusted Data

ID

scala.xml.scala_xml_rule_xmldecoder

Severity

low

Resource

Xml

Language

Scala

Description

Avoid using XMLDecoder to parse content from an untrusted source.

Rationale

Avoid using XMLDecoder to parse content from an untrusted source.

Remediation

Follow secure coding practices and review the references below for detailed remediation guidance.

Configuration

This detector does not need any configuration.

References