development/ghidra
development/ghidra
1
0
Fork 0
mirror of https://github.com/NationalSecurityAgency/ghidra synced 2024-10-01 07:54:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Deserialization of Untrusted Data

Browse source 
introduced through: unknown:unknown@0.0.0 › com.google.code.gson:gson@2.8.6
Fix: Upgrade to com.google.code.gson:gson@2.8.9
Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.
This commit is contained in:
Bhaskara Ram 2021-12-23 22:08:40 +05:30 committed by Ryan Kurtz
parent 7a45cf24f1
commit 8e98b28cc4
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
GhidraBuild/BuildFiles/JsonDoclet/build.gradle
View file

@ -19,7 +19,7 @@ eclipse.project.name = '_JsonDoclet'
apply plugin: 'java-library'
dependencies {
api "com.google.code.gson:gson:2.8.6"
api "com.google.code.gson:gson@2.8.9"
}
rootProject.createJsondocs.dependsOn jar