1 results (0.003 seconds)
CVSS: 7.7EPSS: 1%CPEs: 14EXPL: 0
CVSS: 7.7EPSS: 1%CPEs: 14EXPL: 0CVE-2022-25647 – Deserialization of Untrusted Data
https://notcve.org/view.php?id=CVE-2022-25647
01 May 2022 — The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks. El paquete com.google.code.gson:gson versiones anteriores a 2.8.9, son vulnerables a una Deserialización de Datos No Confiables por medio del método writeReplace() en clases internas, lo cual puede conllevar a ataques DoS A flaw was found in gson, which is vulnerable to Deserialization of Untrusted Data via the writeReplace()... • https://github.com/google/gson/pull/1991 • CWE-502: Deserialization of Untrusted Data •