The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.
CPE | Name | Operator | Version |
---|---|---|---|
brocade sannav | lt | 2.2.0 | |
brocade sannav | lt | 2.2.2a |