We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The component FastjsonEngine converts a JSON string to an equivalent Java Object based on Fastjson(version 1.2.11); However,Fastjson version 1.2.24 and prior has a remote code execution vulnerability. for details,please refer to the links below: https://fortiguard.com/encyclopedia/ips/44059 http://xxlegend.com/2017/12/06/基于JdbcRowSetImpl的Fastjson%20RCE%20PoC构造与分析/ Upgrade to Fastjson version 1.2.45 or later can fix the issue.
The text was updated successfully, but these errors were encountered:
tks ,at new version Fastjson has been upgraded.
Sorry, something went wrong.
No branches or pull requests
The component FastjsonEngine converts a JSON string to an equivalent Java Object based on Fastjson(version 1.2.11);
However,Fastjson version 1.2.24 and prior has a remote code execution vulnerability.
for details,please refer to the links below:
https://fortiguard.com/encyclopedia/ips/44059
http://xxlegend.com/2017/12/06/基于JdbcRowSetImpl的Fastjson%20RCE%20PoC构造与分析/
Upgrade to Fastjson version 1.2.45 or later can fix the issue.
The text was updated successfully, but these errors were encountered: