7.4 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
64.6%
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.