Lucene search
K

31 matches found

NVD
NVD
added 2022/05/01 4:15 p.m.36 views

CVE-2022-25647

The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes, which may lead to DoS attacks...

7.7CVSS0.1158EPSS
Exploits0References8
OSV
OSV
added 2022/05/01 4:15 p.m.1 views

UBUNTU-CVE-2022-25647

The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes, which may lead to DoS attacks...

7.7CVSS7.1AI score0.1158EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2022/05/01 4:15 p.m.137 views

CVE-2022-25647

The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes, which may lead to DoS attacks...

7.7CVSS7.3AI score0.1158EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2022/05/01 3:30 p.m.75 views

CVE-2022-25647

The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes, which may lead to DoS attacks...

7.7CVSS8.3AI score0.1158EPSS
Exploits0
CVE
CVE
added 2022/05/01 3:30 p.m.766 views

CVE-2022-25647

CVE-2022-25647 affects com.google.code.gson:gson before 2.8.9, which is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, potentially enabling DoS. Public advisories (e.g., Debian DSA-5227-1) confirm the flaw and recommend upgrading to 2.8.9 or new...

7.7CVSS7.7AI score0.1158EPSS
Exploits0References8Affected Software1
Vulnrichment
Vulnrichment
added 2022/05/01 3:30 p.m.6 views

CVE-2022-25647 Deserialization of Untrusted Data

The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes, which may lead to DoS attacks...

7.7CVSS7.3AI score0.1158EPSS
Exploits0References8
AlpineLinux
AlpineLinux
added 2022/05/01 3:30 p.m.78 views

CVE-2022-25647

The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes, which may lead to DoS attacks...

7.7CVSS7.8AI score0.1158EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/05/01 3:25 p.m.2 views

CVE-2022-25647

The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes, which may lead to DoS attacks...

7.7CVSS5.3AI score0.1158EPSS
Exploits0References9
CNNVD
CNNVD
added 2022/05/01 12:0 a.m.3 views

gson 代码问题漏洞

gson is a Java library that can be used to convert Java objects to their JSON representation. A security vulnerability exists in com.google.code.gson:gson versions prior to 2.8.9 that stems from the writeReplace method deserializing untrusted data, which can lead to a DoS attack...

7.7CVSS7.8AI score0.1158EPSS
Exploits0References30
Positive Technologies
Positive Technologies
added 2022/05/01 12:0 a.m.3 views

PT-2022-7196

Name of the Vulnerable Software and Affected Versions com.google.code.gson:gson versions prior to 2.8.9 Bitbucket Data Center and Server versions 7.17.0, 7.21.0, 8.7.0, 8.8.0, 8.9.0, 8.10.0, 8.11.0, and 8.12.0 Description The issue is related to the deserialization mechanism in the Gson library,...

7.7CVSS7.2AI score0.1158EPSS
Exploits0References54
Snyk
Snyk
added 2021/10/11 4:57 p.m.1 views

Deserialization of Untrusted Data

Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes, which may allow a denial of service attack if combined with another exploit. Details Serialization is a process of converting an object into a sequence o...

7.7CVSS9.3AI score0.1158EPSS
Exploits0References2
Rows per page
Query Builder