src/main/java/com/jfinal/plugin/redis/serializer/JdkSerializer.java#valueFromBytes contains a readObject call. I found that this method is called from src/main/java/com/jfinal/plugin/redis/Cache.java#get, where the value passed in is the bytes fetched from Redis for the given key name. If that key holds bytecode for deserialization, this can lead to RCE.
RedisPlugin redis = new RedisPlugin("data","127.0.0.1");
redis.setSerializer(new JdkSerializer());
me.add(redis);
Cache dataCache = Redis.use("data");
dataCache.get("bytecodeKey");
If the value stored under the Redis key bytecodeKey is malicious bytecode generated by yso, this results in RCE.
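A hardened form of the valueFromBytes/readObject path described in this issue, added here as an example and not JFinal's own code: the class name AllowListJdkSerializer, its allow list, and the depth and array limits are assumptions. It uses java.io.ObjectInputFilter (Java 9+) so that any class outside the allow list is rejected before its readObject runs, meaning a payload stored under a cache key is refused rather than executed.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InvalidClassException;
import java.io.ObjectInputFilter;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.util.Set;

/** Hypothetical hardened cache serializer (added example, not JFinal's JdkSerializer). */
public class AllowListJdkSerializer {
    // Assumed allow list: only value types the application really stores in Redis.
    private static final Set<String> ALLOWED = Set.of(
            "java.lang.String", "java.lang.Integer", "java.lang.Long", "java.util.ArrayList");

    // Filter runs for every class, array and reference in the stream, before
    // any constructor or readObject of that class is executed.
    private static final ObjectInputFilter FILTER = info -> {
        if (info.depth() > 8 || info.arrayLength() > 10_000) { // assumed limits
            return ObjectInputFilter.Status.REJECTED;
        }
        Class<?> c = info.serialClass();
        if (c == null) {
            return ObjectInputFilter.Status.UNDECIDED; // callback without a class descriptor
        }
        while (c.isArray()) {
            c = c.getComponentType();
        }
        return c.isPrimitive() || ALLOWED.contains(c.getName())
                ? ObjectInputFilter.Status.ALLOWED : ObjectInputFilter.Status.REJECTED;
    };

    public static byte[] valueToBytes(Object value) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) {
            oos.writeObject(value);
        }
        return bos.toByteArray();
    }

    // Bytes come straight from Redis, so they are treated as untrusted input.
    public static Object valueFromBytes(byte[] bytes) throws IOException, ClassNotFoundException {
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(bytes))) {
            ois.setObjectInputFilter(FILTER);
            return ois.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        System.out.println(valueFromBytes(valueToBytes("cached value"))); // String is on the list
        try {
            valueFromBytes(valueToBytes(new java.util.Date())); // Date is not, so it is refused
        } catch (InvalidClassException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The same filter can be installed process-wide with the jdk.serialFilter system property instead of per stream, which also covers readObject calls in code you do not control.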