ÿÖÜÉý¼¶Í¨¸æ-2022-10-14

Ðû²¼Ê±¼ä 2022-10-14
ÐÂÔöÊÂÎñ

 

ÊÂÎñÃû³Æ£º

HTTP_ÌáȨ¹¥»÷_Apache_Commons_´úÂëÖ´ÐÐ[CVE-2022-33980/CVE-2022-42889]

Çå¾²ÀàÐÍ£º

Çå¾²Îó²î

ÊÂÎñÐÎò£º

¼ì²âµ½Ô´ipÖ÷»úÕýÔÚʹÓÃÄ¿µÄÖ÷»úÉÏApacheµÄCommons_Configuration»òCommons_Text¿âÖб£´æµÄÎó²î£¬£¬£¬£¬£¬£¬£¬½á¹¹¶ñÒâ±í´ïʽ¾ÙÐй¥»÷£¬£¬£¬£¬£¬£¬£¬»ñÈ¡Ö÷»úÃô¸ÐÐÅÏ¢¡¢Ö´ÐÐí§Òâ´úÂë¡¢»òÓÕµ¼Ä¿µÄÖ÷»ú¾ÙÐÐÍâÁªµÈ²Ù×÷£¬£¬£¬£¬£¬£¬£¬´Ó¶ø»ñÈ¡Ö÷»ú¿ØÖÆȨ¡£¡£ ¡£¡£ApacheCommonsConfigurationÊÇÓÃÓÚÖÎÀíÉèÖÃÎļþµÄ×é¼þ£¬£¬£¬£¬£¬£¬£¬ÔÚ2.8ÒÔÇ°µÄ²¿·Ö°æ±¾ÖÐÖ§³ÖÁ˶àÖÖ±äÁ¿È¡Öµ·½·¨£¬£¬£¬£¬£¬£¬£¬°üÀ¨javax.script¡¢dnsºÍurl£¬£¬£¬£¬£¬£¬£¬µ¼Ö¿ÉÒÔÖ´ÐÐí§Òâ´úÂë»ò¾ÙÐÐÍøÂç»á¼û¡£¡£ ¡£¡£ApacheCommonsTextÊÇÒ»¸öרעÓÚ×Ö·û´®Ëã·¨µÄ¿â¡£¡£ ¡£¡£

¸üÐÂʱ¼ä£º

20221014