Closed ARMmaster17 closed 2 years ago
15 files ±0, 15 suites ±0, 22s (+2s) | 84 tests ±0: 84 passed ±0, 0 skipped ±0, 0 failed ±0
Results for commit d9f69d25. ± Comparison against base commit 2f404163.
Summary
A zero-day vulnerability was found in the core serialization library used by Java 9+ that affects Spring Boot applications. It's an RCE vulnerability, which is bad for us because somebody could remotely run xmrig and either use up all of our server credits for the month or get us kicked off of Heroku for a ToS violation (there are crawler bots out there that are doing this with the Log4j RCE vulnerability found last year). This PR implements a temporary fix while the Spring project maintainers roll out a patched version in the coming weeks.
Closes #231
How to Test
If you wish, the CVE author has a detailed writeup on how to exploit this vulnerability using a simple POJO object and a controller that uses parameter injection: https://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html This vulnerability should not work with the code on this branch. (Unfortunately, some of the code is in Chinese, but can be translated easily with the Google Translate mobile app and a smartphone with a camera).
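For reference, this is the interim mitigation the Spring team published for Spring4Shell: a global `@ControllerAdvice` that stops request-parameter data binding from reaching `class`/`ClassLoader` properties on bound POJOs. It is an added illustration of that published workaround, not the diff in this PR (which this page does not reproduce), and the class name `BinderControllerAdvice` is arbitrary.

```java
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.web.bind.WebDataBinder;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.InitBinder;

/**
 * Interim Spring4Shell mitigation (illustrative, not this PR's code).
 *
 * Data binding walks nested property paths from request parameters, so a
 * path such as class.module.classLoader.* can reach the ClassLoader of any
 * bound POJO. Denying every path that goes through "class"/"Class" closes
 * that route for all controllers that do not override it.
 */
@ControllerAdvice
@Order(Ordered.LOWEST_PRECEDENCE) // run last so it applies after other advice
public class BinderControllerAdvice {

    // Patterns are case-sensitive and matched against the full property path,
    // so both spellings and both root and nested positions are listed.
    private static final String[] DENYLIST = {
        "class.*", "Class.*", "*.class.*", "*.Class.*"
    };

    @InitBinder
    public void setDisallowedFields(WebDataBinder dataBinder) {
        // setDisallowedFields replaces rather than appends: a controller with
        // its own @InitBinder that calls it will override this global list,
        // so such controllers must include the same patterns themselves.
        dataBinder.setDisallowedFields(DENYLIST);
    }
}
```

This only narrows the binding surface; the actual fix is upgrading to the patched Spring Framework and Spring Boot releases once they ship.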