WS-2021-0419
Published:May 14, 2026
Updated:May 14, 2026
Denial of Service vulnerability was discovered in gson before 2.8.9 via the writeReplace() method.
Affected Packages
nextflow (CONDA):
Affected version(s) >=21.04.0 <23.04.1Fix Suggestion:
Update to version 23.04.1pyspark (CONDA):
Affected version(s) >=3.5.3 <=3.5.4Fix Suggestion:
Update to version no_fixr-provviz (CONDA):
Affected version(s) >=1.0.6 <=1.0.8Fix Suggestion:
Update to version no_fixr-r2pmml (CONDA):
Affected version(s) =0.26.0Fix Suggestion:
Update to version no_fixsearchgui (CONDA):
Affected version(s) >=4.0.22 <4.0.41Fix Suggestion:
Update to version 4.0.41existdb (CONDA):
Affected version(s) >=4.5.0 <=4.7.1Fix Suggestion:
Update to version no_fixsalesforce-merlion (CONDA):
Affected version(s) >=1.0.0 <1.1.0Fix Suggestion:
Update to version 1.1.0malt (CONDA):
Affected version(s) >=0.5.1 <0.41Fix Suggestion:
Update to version 0.41gradle (CONDA):
Affected version(s) >=6.4.0 <=7.4.2Fix Suggestion:
Update to version no_fixpyspark (CONDA):
Affected version(s) >=3.3.0 <3.3.2Fix Suggestion:
Update to version 3.3.2sirius-csifingerid (CONDA):
Affected version(s) >=4.0.1 <5.8.2Fix Suggestion:
Update to version 5.8.2igv (CONDA):
Affected version(s) >=2.8.11 <=2.16.2Fix Suggestion:
Update to version no_fixgradle (CONDA):
Affected version(s) >=5.3.1 <6.3.0Fix Suggestion:
Update to version 6.3.0igv (CONDA):
Affected version(s) >=2.8.4 <2.8.10Fix Suggestion:
Update to version 2.8.10genomestrip (CONDA):
Affected version(s) =2.00.1833Fix Suggestion:
Update to version no_fixmegan (CONDA):
Affected version(s) >=6.21.2 <=6.24.20Fix Suggestion:
Update to version no_fixmetanovo (CONDA):
Affected version(s) =1.9.4Fix Suggestion:
Update to version no_fixmpa-portable (CONDA):
Affected version(s) >=1.9.0 <=2.0.0Fix Suggestion:
Update to version no_fixfiji (CONDA):
Affected version(s) >=20151222 <20231211Fix Suggestion:
Update to version 20231211cromwell (CONDA):
Affected version(s) >=0.23 <0.32Fix Suggestion:
Update to version 0.32pepgenome (CONDA):
Affected version(s) =1.1.betaFix Suggestion:
Update to version no_fixigvtools (CONDA):
Affected version(s) >=2.5.3 <=2.16.2Fix Suggestion:
Update to version no_fixmalt (CONDA):
Affected version(s) >=0.53 <=0.61Fix Suggestion:
Update to version no_fixpepquery (CONDA):
Affected version(s) >=1.2.0 <=2.0.2Fix Suggestion:
Update to version no_fixpeptide-shaker (CONDA):
Affected version(s) >=1.16.29 <2.2.17Fix Suggestion:
Update to version 2.2.17existdb (CONDA):
Affected version(s) =4.3.1 <4.4.0Fix Suggestion:
Update to version 4.4.0sklearn2pmml (CONDA):
Affected version(s) >=0.67.0 <0.76.1Fix Suggestion:
Update to version 0.76.1watchdog-wms (CONDA):
Affected version(s) >=2.0.0 <2.0.5Fix Suggestion:
Update to version 2.0.5pyspark (CONDA):
Affected version(s) =3.4.1 <3.5.0Fix Suggestion:
Update to version 3.5.0sklearn2pmml (CONDA):
Affected version(s) >=0.64.0 <0.66.0Fix Suggestion:
Update to version 0.66.0igv (CONDA):
Affected version(s) >=2.5.2 <2.8.3Fix Suggestion:
Update to version 2.8.3watchdog-wms (CONDA):
Affected version(s) >=2.0.6 <2.0.8Fix Suggestion:
Update to version 2.0.8peptide-shaker (CONDA):
Affected version(s) >=1.1.3 <1.16.26Fix Suggestion:
Update to version 1.16.26pyspark (CONDA):
Affected version(s) >=2.1.0 <3.2.3Fix Suggestion:
Update to version 3.2.3beakerx (CONDA):
Affected version(s) >=0.14.0 <=1.4.1Fix Suggestion:
Update to version no_fixinterproscan (CONDA):
Affected version(s) >=5.52_86.0 <5.59_91.0Fix Suggestion:
Update to version 5.59_91.0searchgui (CONDA):
Affected version(s) >=2.1.4 <4.0.12Fix Suggestion:
Update to version 4.0.12flyway.commandline.jre (NUGET):
Affected version(s) =7.15.0 <8.2.2Fix Suggestion:
Update to version 8.2.2jetbrains.rider.frontend2 (NUGET):
Affected version(s) =203.0.20201229.161815 <203.0.20200923.135724-eap01Fix Suggestion:
Update to version 203.0.20200923.135724-eap01logstash-binary (NUGET):
Affected version(s) >=7.8.0 <=7.8.1Fix Suggestion:
Update to version no_fixmicro-manager.net (NUGET):
Affected version(s) =2.0.3.3Fix Suggestion:
Update to version no_fixflyway.commandline (NUGET):
Affected version(s) >=6.0.6 <8.2.2Fix Suggestion:
Update to version 8.2.2jetbrains.rider.frontend2 (NUGET):
Affected version(s) =203.0.20210317.94906 <203.0.20201127.95230-eap09Fix Suggestion:
Update to version 203.0.20201127.95230-eap09jetbrains.rider.frontend2 (NUGET):
Affected version(s) =211.0.20210410.35359 <212.0.20210730.195106Fix Suggestion:
Update to version 212.0.20210730.195106dapiconnect-xamarin.android (NUGET):
Affected version(s) =0.1.0 <0.1.1Fix Suggestion:
Update to version 0.1.1jetbrains.rider.frontend2 (NUGET):
Affected version(s) >=211.0.20210713.161611 <211.0.20210130.101832-eap01Fix Suggestion:
Update to version 211.0.20210130.101832-eap01tikiwiki/diagram (PHP):
Affected version(s) >=v14.1.3 <v14.2.8Fix Suggestion:
Update to version v14.2.8lizetheb1920/high-chart (PHP):
Affected version(s) =dev-masterFix Suggestion:
Update to version no_fixtikiwiki/diagram (PHP):
Affected version(s) =v15.8.7 <v15.8.8Fix Suggestion:
Update to version v15.8.8purepanel/dashboard-module (PHP):
Affected version(s) >=v1.0.0 <v1.1.2Fix Suggestion:
Update to version v1.1.2oxil/kinikit-mvc (PHP):
Affected version(s) =0.6 <v0.6Fix Suggestion:
Update to version v0.6oxil/kinikit-mvc (PHP):
Affected version(s) =0.2 <v0.2Fix Suggestion:
Update to version v0.2ddkits/cli (PHP):
Affected version(s) =dev-dependabot/npm_and_yarn/tough-cookie-4.1.3 <4.20Fix Suggestion:
Update to version 4.20oxil/kinikit-mvc (PHP):
Affected version(s) =dev-netistrar <dev-refactoringFix Suggestion:
Update to version dev-refactoringtikiwiki/diagram (PHP):
Affected version(s) =v13.6.5 <v13.6.6Fix Suggestion:
Update to version v13.6.6tikiwiki/diagram (PHP):
Affected version(s) >=v13.9.9 <v13.10.5Fix Suggestion:
Update to version v13.10.5tikiwiki/diagram (PHP):
Affected version(s) >=v14.0.2 <v14.1.2Fix Suggestion:
Update to version v14.1.2tikiwiki/diagram (PHP):
Affected version(s) >=v13.9.4 <v13.9.7Fix Suggestion:
Update to version v13.9.7oxil/kinikit-mvc (PHP):
Affected version(s) =0.3 <v0.3Fix Suggestion:
Update to version v0.3ddkits/cli (PHP):
Affected version(s) =dev-New2 <dev-beta2Fix Suggestion:
Update to version dev-beta2oxil/kinibook (PHP):
Affected version(s) =dev-master <0.0.1Fix Suggestion:
Update to version 0.0.1oxil/kinikit-mvc (PHP):
Affected version(s) =0.1 <v0.1Fix Suggestion:
Update to version v0.1myparkfolio/jars-gson (PHP):
Affected version(s) =2.8.5Fix Suggestion:
Update to version no_fixoxil/kinikit-mvc (PHP):
Affected version(s) =0.5 <v0.5Fix Suggestion:
Update to version v0.5flash20/yii2-adminh-asset (PHP):
Affected version(s) >=dev-master <=0.0.3Fix Suggestion:
Update to version no_fixoxil/kinikit-mvc (PHP):
Affected version(s) =0.7 <v0.7Fix Suggestion:
Update to version v0.7myparkfolio/jars-gson (PHP):
Affected version(s) =dev-master <2.1.0Fix Suggestion:
Update to version 2.1.0xorti/mxgraph-editor (PHP):
Affected version(s) =dev-master <v3.9.8Fix Suggestion:
Update to version v3.9.8tikiwiki/diagram (PHP):
Affected version(s) >=v15.7.1 <v15.7.4Fix Suggestion:
Update to version v15.7.4sklearn2pmml (PYTHON):
Affected version(s) >=0.64.0 <0.66.0Fix Suggestion:
Update to version 0.66.0pyspark (PYTHON):
Affected version(s) >=3.3.0 <3.3.2Fix Suggestion:
Update to version 3.3.2pyspark (PYTHON):
Affected version(s) >=3.5.3 <=3.5.4Fix Suggestion:
Update to version no_fixpyspark (PYTHON):
Affected version(s) =3.4.1 <3.5.0Fix Suggestion:
Update to version 3.5.0beakerx (PYTHON):
Affected version(s) >=0.14.0 <=1.4.1Fix Suggestion:
Update to version no_fixsklearn2pmml (PYTHON):
Affected version(s) >=0.67.0 <0.76.1Fix Suggestion:
Update to version 0.76.1salesforce-merlion (PYTHON):
Affected version(s) >=1.0.0 <1.1.0Fix Suggestion:
Update to version 1.1.0Related Resources (1)
Do you need more information?
Contact UsCVSS v4
Base Score:
8.4
Attack Vector
NETWORK
Attack Complexity
HIGH
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
NONE
Vulnerable System Confidentiality
LOW
Vulnerable System Integrity
HIGH
Vulnerable System Availability
HIGH
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
7.7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
HIGH
Availability
HIGH