github/ghidra
1
1
Fork 0
mirror of https://github.com/NationalSecurityAgency/ghidra.git synced 2026-01-10 06:27:59 -05:00
Code Issues Packages Projects Releases Wiki Activity

Deserialization of Untrusted Data

Browse Source 
introduced through: unknown:unknown@0.0.0 › com.google.code.gson:gson@2.8.6
Fix: Upgrade to com.google.code.gson:gson@2.8.9
Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.
This commit is contained in:
Bhaskara Ram
2021-12-23 22:08:40 +05:30
committed by Ryan Kurtz
parent 7a45cf24f1
commit 8e98b28cc4
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
GhidraBuild/BuildFiles/JsonDoclet/build.gradle
View File

@@ -19,7 +19,7 @@ eclipse.project.name = '_JsonDoclet'
apply plugin: 'java-library'
dependencies {
api "com.google.code.gson:gson:2.8.6"
api "com.google.code.gson:gson@2.8.9"
}
rootProject.createJsondocs.dependsOn jar