31 matches found
CVE-2022-25647
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes, which may lead to DoS attacks...
UBUNTU-CVE-2022-25647
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes, which may lead to DoS attacks...
CVE-2022-25647
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes, which may lead to DoS attacks...
CVE-2022-25647
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes, which may lead to DoS attacks...
CVE-2022-25647
CVE-2022-25647 affects com.google.code.gson:gson before 2.8.9, which is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, potentially enabling DoS. Public advisories (e.g., Debian DSA-5227-1) confirm the flaw and recommend upgrading to 2.8.9 or new...
CVE-2022-25647 Deserialization of Untrusted Data
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes, which may lead to DoS attacks...
CVE-2022-25647
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes, which may lead to DoS attacks...
CVE-2022-25647
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes, which may lead to DoS attacks...
gson 代码问题漏洞
gson is a Java library that can be used to convert Java objects to their JSON representation. A security vulnerability exists in com.google.code.gson:gson versions prior to 2.8.9 that stems from the writeReplace method deserializing untrusted data, which can lead to a DoS attack...
PT-2022-7196
Name of the Vulnerable Software and Affected Versions com.google.code.gson:gson versions prior to 2.8.9 Bitbucket Data Center and Server versions 7.17.0, 7.21.0, 8.7.0, 8.8.0, 8.9.0, 8.10.0, 8.11.0, and 8.12.0 Description The issue is related to the deserialization mechanism in the Gson library,...
Deserialization of Untrusted Data
Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes, which may allow a denial of service attack if combined with another exploit. Details Serialization is a process of converting an object into a sequence o...