ÿÖÜÉý¼¶Í¨¸æ-2022-10-14

Ðû²¼Ê±¼ä 2022-10-14
ÐÂÔöÊÂÎñ

 

ÊÂÎñÃû³Æ£º

HTTP_ÌáȨ¹¥»÷_Apache_Commons_´úÂëÖ´ÐÐ[CVE-2022-33980/CVE-2022-42889]

Çå¾²ÀàÐÍ£º

Çå¾²Îó²î

ÊÂÎñÐÎò£º

¼ì²âµ½Ô´ipÖ÷»úÕýÔÚʹÓÃÄ¿µÄÖ÷»úÉÏApacheµÄCommons_Configuration»òCommons_Text¿âÖб£´æµÄÎó²î£¬£¬£¬£¬£¬½á¹¹¶ñÒâ±í´ïʽ¾ÙÐй¥»÷£¬£¬£¬£¬£¬»ñÈ¡Ö÷»úÃô¸ÐÐÅÏ¢¡¢Ö´ÐÐí§Òâ´úÂë¡¢»òÓÕµ¼Ä¿µÄÖ÷»ú¾ÙÐÐÍâÁªµÈ²Ù×÷£¬£¬£¬£¬£¬´Ó¶ø»ñÈ¡Ö÷»ú¿ØÖÆȨ¡£¡£¡£¡£¡£¡£¡£ApacheCommonsConfigurationÊÇÓÃÓÚÖÎÀíÉèÖÃÎļþµÄ×é¼þ£¬£¬£¬£¬£¬ÔÚ2.8ÒÔÇ°µÄ²¿·Ö°æ±¾ÖÐÖ§³ÖÁ˶àÖÖ±äÁ¿È¡Öµ·½·¨£¬£¬£¬£¬£¬°üÀ¨javax.script¡¢dnsºÍurl£¬£¬£¬£¬£¬µ¼Ö¿ÉÒÔÖ´ÐÐí§Òâ´úÂë»ò¾ÙÐÐÍøÂç»á¼û¡£¡£¡£¡£¡£¡£¡£ApacheCommonsTextÊÇÒ»¸öרעÓÚ×Ö·û´®Ëã·¨µÄ¿â¡£¡£¡£¡£¡£¡£¡£

¸üÐÂʱ¼ä£º

20221014