Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-15724

Bump GSON version to 2.8.9

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Trivial
    • 26.0.0.Beta1, 26.0.0.Final
    • None
    • None
    • None

    Description

      GSON has silently improved deserialisation of certain classes and many vulnerability scanners are starting to flag GSON < 2.8.9 as vulnerable to deserialisation attacks

      https://github.com/google/gson/pull/1991/files

      Attachments

        Activity

          People

            bstansbe@redhat.com Brian Stansberry
            trixpan Andre F de Miranda (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: