Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-15724

Bump GSON version to 2.8.9

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Trivial Trivial
    • 26.0.0.Beta1, 26.0.0.Final
    • None
    • None
    • None

      GSON has silently improved deserialisation of certain classes and many vulnerability scanners are starting to flag GSON < 2.8.9 as vulnerable to deserialisation attacks

      https://github.com/google/gson/pull/1991/files

              bstansbe@redhat.com Brian Stansberry
              trixpan Andre F de Miranda (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: