Details
-
Story
-
Status: Done
-
Highest
-
Resolution: Done
-
None
-
None
-
None
Description
The package com.google.code.gson:gson before 2.8.9 is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to denial of service attacks.