ÿÖÜÉý¼¶Í¨¸æ-2022-10-14

Ðû²¼Ê±¼ä 2022-10-14
ÐÂÔöʼþ

 

ʼþÃû³Æ£º

HTTP_ÌáȨ¹¥»÷_Apache_Commons_´úÂëÖ´ÐÐ[CVE-2022-33980/CVE-2022-42889]

Äþ¾²ÀàÐÍ£º

Äþ¾²Â©¶´

ʼþÃèÊö£º

¼ì²âµ½Ô´ipÖ÷»úÕýÔÚÀûÓÃÄ¿µÄÖ÷»úÉÏApacheµÄCommons_Configuration»òCommons_Text¿âÖдæÔڵĩ¶´£¬½á¹¹¶ñÒâ±í´ïʽ½øÐй¥»÷£¬»ñÈ¡Ö÷»úÃô¸ÐÐÅÏ¢¡¢Ö´ÐÐÈÎÒâ´úÂë¡¢»òÓÕµ¼Ä¿µÄÖ÷»ú½øÐÐÍâÁªµÈ²Ù×÷£¬´Ó¶ø»ñÈ¡Ö÷»ú¿ØÖÆȨ¡£ApacheCommonsConfigurationÊÇÓÃÓÚ¹ÜÀíÅäÖÃÎļþµÄ×é¼þ£¬ÔÚ2.8ÒÔÇ°µÄ²¿ÃÅ°æ±¾ÖÐÖ§³ÖÁ˶àÖÖ±äÁ¿È¡Öµ·½Ê½£¬°üÂÞjavax.script¡¢dnsºÍurl£¬µ¼Ö¿ÉÒÔÖ´ÐÐÈÎÒâ´úÂë»ò½øÐÐÍøÂç·ÃÎÊ¡£ApacheCommonsTextÊÇÒ»¸öרעÓÚ×Ö·û´®Ëã·¨µÄ¿â¡£

¸üÐÂʱ¼ä£º

20221014