Skip to content

Commit

Permalink
Update libs.versions.toml
Browse files Browse the repository at this point in the history 
Fix CVE-2022-25647

The package com.google.code.gson:gson before 2.8.9 is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to denial of service attacks.

Bump up version of the gson package.

GHSA-4jrv-ppp4-jm57
  • Loading branch information
@mikhsol
mikhsol authored Aug 29, 2024
1 parent 8db5932 commit 8976239
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion kotlin/gradle/libs.versions.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ plugin-kotlin = "1.6.10"
plugin-gver = "0.42.0"
kotlinx-benchmark = "0.4.8"
junit = "4.12"
gson = "2.8.5"
gson = "2.8.9"
moshi-kotlin = "1.11.0"

[libraries]
Expand Down

0 comments on commit 8976239

Please sign in to comment.