Uploaded image for project: 'ONgDB'
  1. ONgDB
  2. ONGDB-292

Upgrade gson from 2.8.2 to 2.8.9

    XMLWordPrintable

Details

    • Story
    • Status: Done
    • Highest
    • Resolution: Done
    • None
    • 1.0.2
    • None
    • None

    Description

      The package com.google.code.gson:gson before 2.8.9 is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to denial of service attacks.

      Attachments

        Activity

          People

            amanda.bouman Amanda Bouman
            bradnussbaum Brad Nussbaum
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: