Closed ishwaryaaaaaaaaaaa closed 1 month ago
Impacted component: us.icr.io/bravoapps/allegroapp-data-store Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.
Impacted component: us.icr.io/bravoapps/allegroapp-data-store Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Description
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.