Unity Linux 20.1060e / 20.1070e Security Update: google-gson (UTSA-2026-016683)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016683 advisory. The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes, which may lea...

Astra Linux - уязвимость в libgoogle-gson-java

The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes, which may lead to DoS attacks...

EUVD-2026-14708

Deserialization of Untrusted Data vulnerability in DTStack chunjun ‎chunjun-core/src/main/java/com/dtstack/chunjun/util modules. This vulnerability is associated with program files GsonUtil.Java. This issue affects chunjun: before 1.16.1...

CVE-2026-4735

CVE-2026-4735 affects DTStack chunjun (chunjun-core/util) with a deserialization of untrusted data in GsonUtil.Java, leading to a stack overflow/DoS for versions before 1.16.1. Multiple sources corroborate the issue in chunjun up to 1.16.0, with Red Hat and PT-Security entries aligning on the vul...

EUVD-2022-2402

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-53864

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Connect2id Nimbus JOSE + JWT 10.0.x before 10.0.2 and 9.37.x before 9.37.4 allows a remote attacker to cause a denial of service via a deeply nested JSON object...

com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson

A flaw was found in gson, which is vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes. This issue may lead to availability attacks...

com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson

A flaw was found in gson, which is vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes. This issue may lead to availability attacks...

CVE-2025-3389

A vulnerability, which was classified as problematic, has been found in hailey888 oasystem up to 2025.01.01. This issue affects the function testMess of the file cn/gson/oasys/controller/inform/InformManageController.java of the component Backend. The manipulation of the argument menu leads to...

Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs

Summary Multiple vulnerabilities were fixed in IBM Cloud Pak for Watson AIOps Vulnerability Details CVEID:CVE-2022-42004 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in in the BeanDeserializer.deserializeFromArray function. By sending a...

MAL-2025-2675 Malicious code in gson-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fd315ab6614bdf716d90b22ff2804ff7594f8bfe856133c0d60bebaf9d241e79 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in gson-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fd315ab6614bdf716d90b22ff2804ff7594f8bfe856133c0d60bebaf9d241e79 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV-2024-1388 Security exception in com.google.gson.internal.bind.TypeAdapters$28.write

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=384541935 Crash type: Security exception Crash state: com.google.gson.internal.bind.TypeAdapters$28.write com.google.gson.JsonElement.isJsonPrimitive com.google.gson.JsonElement.getAsJsonPrimitive...

PT-2024-41059 · Google · Gson

Name of the Vulnerable Software and Affected Versions: Gson affected versions not specified Description: A security exception occurs due to a crash in the com.google.gson.internal.bind.TypeAdapters$28.write function, which is related to the com.google.gson.JsonElement.isJsonPrimitive and...

Security Bulletin: Vulnerability in Google Gson affects watsonx.data

Summary Google Gson is vulnerable to a denial of service, caused by the deserialization of untrusted data. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2022-25647 DESCRIPTION: Google Gson is vulnerable to a denial of service, caused by the deserialization of untrusted data. By...

OPENSUSE-SU-2024:12040-1 google-gson-2.8.9-3.1 on GA media

These are all security issues fixed in the google-gson-2.8.9-3.1 package on the GA media of openSUSE Tumbleweed...

Ubuntu: Security Advisory (USN-6692-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6692-1 libgoogle-gson-java vulnerability

It was discovered that Gson incorrectly handled deserialization of untrusted input data. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service...

USN-6692-1: Gson vulnerability

It was discovered that Gson incorrectly handled deserialization of untrusted input data. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : Gson vulnerability (USN-6692-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6692-1 advisory. It was discovered that Gson incorrectly handled deserialization of untrusted input data. If a user or an automated system were...