Earlier in August, a Contrast Security customer reported what they initially thought was a false positive: a deserialization vulnerability in Spring-Kafka. 

*** This is a Security Bloggers Network syndicated blog from AppSec Observer authored by Joseph Beeton, Senior Application Security Researcher, Contrast Security. Read the original post at: https://www.contrastsecurity.com/security-influencers/contrast-assess-uncovers-spring-kafka-deserialization-zero-day