Closed mikhsol closed 3 weeks ago
Fix CVE-2022-25647
The package com.google.code.gson:gson before 2.8.9 is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to denial of service attacks.
Bump up version of the gson package.
https://github.com/advisories/GHSA-4jrv-ppp4-jm57
Fix CVE-2022-25647
The package com.google.code.gson:gson before 2.8.9 is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to denial of service attacks.
Bump up version of the gson package.
https://github.com/advisories/GHSA-4jrv-ppp4-jm57