You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We've received the below information about the SDK:
gson - Deserialization of Untrusted Data. The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.
We should fix it and validate the data before deserializing.
According to this website, the problem is with the gson dependency version and not our code. We are transitively using the gson in version 2.8.6 from the ably-android dependency. After it gets upgraded to at least 2.8.9 the problem should be fixed, so after ably/ably-java#777 is resolved and a new ably-android SDK version is released we should update it in the AAT project.
We've received the below information about the SDK:
We should fix it and validate the data before deserializing.According to this website, the problem is with the
gson
dependency version and not our code. We are transitively using thegson
in version2.8.6
from theably-android
dependency. After it gets upgraded to at least2.8.9
the problem should be fixed, so after ably/ably-java#777 is resolved and a newably-android
SDK version is released we should update it in the AAT project.┆Issue is synchronized with this Jira Task by Unito
The text was updated successfully, but these errors were encountered: