Download
| Alert*
oval:org.secpod.oval:def:86411
It was discovered that Gson, a Java library that can be used to convert Java Objects into their JSON representations and vice versa, was vulnerable to a de- serialization flaw. An application would de-serialize untrusted data without sufficiently verifying that the resulting data will be valid, lett ... oval:org.secpod.oval:def:610114 It was discovered that Gson, a Java library that can be used to convert Java Objects into their JSON representations and vice versa, was vulnerable to a de- serialization flaw. An application would de-serialize untrusted data without sufficiently verifying that the resulting data will be valid, lett ... oval:org.secpod.oval:def:89046377 This update for google-gson fixes the following issues: - CVE-2022-25647: Fixed deserialization of untrusted data . oval:org.secpod.oval:def:3300591 SUSE Security Update: Security update for google-gson oval:org.secpod.oval:def:708822 libgoogle-gson-java: A Java serialization/deserialization library to convert Java Objects into JSON and back Gson could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:98752 libgoogle-gson-java: A Java serialization/deserialization library to convert Java Objects into JSON and back Gson could be made to crash if it opened a specially crafted file. |