Описание
Security update for google-gson
This update for google-gson fixes the following issues:
- CVE-2022-25647: Fixed deserialization of untrusted data (bsc#1199064).
Список пакетов
Container containers/apache-pulsar:3.3
google-gson-2.8.9-150200.3.6.3
Container suse/manager/5.0/x86_64/server:latest
google-gson-2.8.9-150200.3.6.3
Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure
google-gson-2.8.9-150200.3.6.3
Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM
google-gson-2.8.9-150200.3.6.3
Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE
google-gson-2.8.9-150200.3.6.3
Image SLES15-SP4-Manager-Server-4-3
google-gson-2.8.9-150200.3.6.3
Image SLES15-SP4-Manager-Server-4-3-Azure-llc
google-gson-2.8.9-150200.3.6.3
Image SLES15-SP4-Manager-Server-4-3-Azure-ltd
google-gson-2.8.9-150200.3.6.3
Image SLES15-SP4-Manager-Server-4-3-BYOS
google-gson-2.8.9-150200.3.6.3
Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure
google-gson-2.8.9-150200.3.6.3
Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2
google-gson-2.8.9-150200.3.6.3
Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE
google-gson-2.8.9-150200.3.6.3
Image SLES15-SP4-Manager-Server-4-3-EC2-llc
google-gson-2.8.9-150200.3.6.3
Image SLES15-SP4-Manager-Server-4-3-EC2-ltd
google-gson-2.8.9-150200.3.6.3
Image server-image
google-gson-2.8.9-150200.3.6.3
SUSE Enterprise Storage 7
google-gson-2.8.9-150200.3.6.3
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS
google-gson-2.8.9-150200.3.6.3
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
google-gson-2.8.9-150200.3.6.3
SUSE Linux Enterprise Module for Development Tools 15 SP3
google-gson-2.8.9-150200.3.6.3
SUSE Linux Enterprise Module for Development Tools 15 SP4
google-gson-2.8.9-150200.3.6.3
SUSE Linux Enterprise Server 15 SP2-BCL
google-gson-2.8.9-150200.3.6.3
SUSE Linux Enterprise Server 15 SP2-LTSS
google-gson-2.8.9-150200.3.6.3
SUSE Linux Enterprise Server for SAP Applications 15 SP2
google-gson-2.8.9-150200.3.6.3
SUSE Manager Proxy 4.1
google-gson-2.8.9-150200.3.6.3
SUSE Manager Retail Branch Server 4.1
google-gson-2.8.9-150200.3.6.3
SUSE Manager Server 4.1
google-gson-2.8.9-150200.3.6.3
SUSE Manager Server Module 4.2
google-gson-2.8.9-150200.3.6.3
SUSE Manager Server Module 4.3
google-gson-2.8.9-150200.3.6.3
openSUSE Leap 15.3
google-gson-2.8.9-150200.3.6.3
google-gson-javadoc-2.8.9-150200.3.6.3
openSUSE Leap 15.4
google-gson-2.8.9-150200.3.6.3
google-gson-javadoc-2.8.9-150200.3.6.3
Ссылки
- Link for SUSE-SU-2022:2044-1
- E-Mail link for SUSE-SU-2022:2044-1
- SUSE Security Ratings
- SUSE Bug 1199064
- SUSE CVE CVE-2022-25647 page
Описание
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.
Затронутые продукты
Container containers/apache-pulsar:3.3:google-gson-2.8.9-150200.3.6.3
Container suse/manager/5.0/x86_64/server:latest:google-gson-2.8.9-150200.3.6.3
Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:google-gson-2.8.9-150200.3.6.3
Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:google-gson-2.8.9-150200.3.6.3
Ссылки
- CVE-2022-25647
- SUSE Bug 1199064