Search CVE reports

Toggle filters

1 result

CVE-2022-25647

Medium priority

Some fixes available 4 of 7

The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.

1 affected package

libgoogle-gson-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libgoogle-gson-java Not affected Fixed Fixed Fixed Fixed
Show less packages