Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-15724

Bump GSON version to 2.8.9

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Trivial
    • 26.0.0.Beta1, 26.0.0.Final
    • None
    • None
    • None

    Description

      GSON has silently improved deserialisation of certain classes and many vulnerability scanners are starting to flag GSON < 2.8.9 as vulnerable to deserialisation attacks

      https://github.com/google/gson/pull/1991/files

      Attachments

        Activity

          Public project attachment banner

            context keys: [headless, issue, helper, isAsynchronousRequest, project, action, user]
            current Project key: WFLY

            People

              bstansbe@redhat.com Brian Stansberry
              trixpan Andre F de Miranda (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: