Skip to content

[ISSUE #2007]Fastjson has a serious security problem in 1.2.62,which will cause RCE #2008

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
duhenglucky merged 1 commit into from
May 19, 2020
Merged

[ISSUE #2007]Fastjson has a serious security problem in 1.2.62,which will cause RCE #2008

duhenglucky merged 1 commit into from
May 19, 2020

Conversation

@wcc526
Copy link
Contributor

@wcc526 wcc526 commented May 18, 2020

Fastjson has a serious security problem in 1.2.62,which will cause RCE

Fix #2007

What is the purpose of the change

Fastjson has a serious security problem in 1.2.62,which will cause RCE

Brief changelog

Fastjson has a serious security problem in 1.2.62,which will cause RCE

Verifying this change

Fastjson has a serious security problem in 1.2.62,which will cause RCE

@wcc526
Fastjson has a serious security problem in 1.2.62,which will cause RCE
a60d938 
Fastjson has a serious security problem in 1.2.62,which will cause RCE

Fix apache#2007
@RongtongJin RongtongJin changed the title Fastjson has a serious security problem in 1.2.62,which will cause RCE [ISSUE #2007]Fastjson has a serious security problem in 1.2.62,which will cause RCE May 18, 2020
@coveralls
Copy link

coveralls commented May 18, 2020

Coverage Status

Coverage decreased (-0.06%) to 50.897% when pulling a60d938 on wcc526:patch-2 into 7f10536 on apache:develop.

@codecov-commenter
Copy link

codecov-commenter commented May 19, 2020

Codecov Report

Merging #2008 into develop will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff             @@
##             develop    #2008   +/-   ##
==========================================
  Coverage      45.15%   45.15%           
  Complexity      4202     4202           
==========================================
  Files            545      545           
  Lines          35732    35732           
  Branches        4744     4744           
==========================================
  Hits           16135    16135           
  Misses         17554    17554           
  Partials        2043     2043

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 7f10536...a60d938. Read the comment docs.

@duhenglucky duhenglucky merged commit a7a979f into apache:develop May 19, 2020
@RongtongJin RongtongJin added this to the 4.7.1 milestone May 25, 2020
@RongtongJin RongtongJin linked an issue May 25, 2020 that may be closed by this pull request
Fastjson has a serious security problem in 1.2.62,which will cause RCE #2007
Closed
@RongtongJin RongtongJin mentioned this pull request Jun 2, 2020
Closed
GenerousMan pushed a commit to GenerousMan/rocketmq that referenced this pull request Aug 12, 2022
@duhenglucky
Merge pull request apache#2008 from wcc526/patch-2
59f334a 
[ISSUE apache#2007]Fastjson has a serious security problem in 1.2.62,which will cause RCE
pulllock pushed a commit to pulllock/rocketmq that referenced this pull request Oct 19, 2023
@duhenglucky
Merge pull request apache#2008 from wcc526/patch-2
900112c 
[ISSUE apache#2007]Fastjson has a serious security problem in 1.2.62,which will cause RCE
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@duhenglucky duhenglucky duhenglucky approved these changes

@RongtongJin RongtongJin RongtongJin approved these changes

Assignees

No one assigned

Labels

type/enhancement

Projects

None yet

Milestone

4.7.1

Development

Successfully merging this pull request may close these issues.

Fastjson has a serious security problem in 1.2.62,which will cause RCE

5 participants

@wcc526 @coveralls @codecov-commenter @duhenglucky @RongtongJin