From 06ba27962b8210b4fd881cc8931b643f2f25c394 Mon Sep 17 00:00:00 2001 From: orez Date: Mon, 29 May 2023 13:23:12 +0800 Subject: [PATCH] fix CVE-2019-9212 --- src/main/resources/security/serialize.blacklist | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/main/resources/security/serialize.blacklist b/src/main/resources/security/serialize.blacklist index 74e6c32..875a642 100644 --- a/src/main/resources/security/serialize.blacklist +++ b/src/main/resources/security/serialize.blacklist @@ -63,4 +63,6 @@ org.apache.tomcat.dbcp.dbcp.BasicDataSource com.sun.org.apache.xml.internal.security.signature.XMLSignatureInput javassist.tools.web.Viewer net.bytebuddy.dynamic.loading.ByteArrayClassLoader -org.apache.commons.beanutils.BeanMap \ No newline at end of file +org.apache.commons.beanutils.BeanMap +com.caucho.naming.Qname +com.sun.org.apache.xpath.internal.objects.Xstring