| Package | libgoogle-gson-java |
|---|---|
| Version | 2.2.4-1+deb8u1 |
| Related CVEs | CVE-2022-25647 |
src:libgoogle-gson-java, which helps convert Java objects into their JSON representation, is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.
For Debian 8 jessie, these problems have been fixed in version 2.2.4-1+deb8u1.
We recommend that you upgrade your libgoogle-gson-java packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.