We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
检测到 licocon/spring-boot-first 一共引入了13个开源组件,存在18个漏洞
漏洞标题:Apache Tomcat 操作系统命令注入漏洞 缺陷组件:org.apache.tomcat.embed:tomcat-embed-core@8.5.31 漏洞编号:CVE-2019-0232 漏洞描述:Apache Tomcat是美国阿帕奇(Apache)基金会的一款轻量级Web应用服务器。该程序实现了对Servlet和JavaServer Page(JSP)的支持。 Apache Tomcat 9.0.0.M1版本至9.0.17版本、8.5.0版本至8.5.39版本和7.0.0版本至7.0.93版本中的CGI Servlet存在操作系统命令注入漏洞。远程攻击者可利用该漏洞执行代码。 国家漏洞库信息:https://www.cnvd.org.cn/flaw/show/CNVD-2019-09856 影响范围:[8.5.0, 8.5.40) 最小修复版本:8.5.40 缺陷组件引入路径:org.example:spring-boot-first@1.0-SNAPSHOT->org.apache.tomcat.embed:tomcat-embed-core@8.5.31
另外还有18个漏洞,详细报告:https://mofeisec.com/jr?p=ic5c2c
The text was updated successfully, but these errors were encountered:
No branches or pull requests
检测到 licocon/spring-boot-first 一共引入了13个开源组件,存在18个漏洞
另外还有18个漏洞,详细报告:https://mofeisec.com/jr?p=ic5c2c
The text was updated successfully, but these errors were encountered: