ÿÖÜÉý¼¶Í¨¸æ-2022-10-14

Ðû²¼Ê±¼ä 2022-10-14
ÐÂÔöÊÂÎñ

 

ÊÂÎñÃû³Æ£º

HTTP_ÌáȨ¹¥»÷_Apache_Commons_´úÂëÖ´ÐÐ[CVE-2022-33980/CVE-2022-42889]

Çå¾²ÀàÐÍ£º

Çå¾²Îó²î

ÊÂÎñÐÎò£º

¼ì²âµ½Ô´ipÖ÷»úÕýÔÚʹÓÃÄ¿µÄÖ÷»úÉÏApacheµÄCommons_Configuration»òCommons_Text¿âÖб£´æµÄÎó²î£¬£¬ £¬£¬£¬½á¹¹¶ñÒâ±í´ïʽ¾ÙÐй¥»÷£¬£¬ £¬£¬£¬»ñÈ¡Ö÷»úÃô¸ÐÐÅÏ¢¡¢Ö´ÐÐí§Òâ´úÂë¡¢»òÓÕµ¼Ä¿µÄÖ÷»ú¾ÙÐÐÍâÁªµÈ²Ù×÷£¬£¬ £¬£¬£¬´Ó¶ø»ñÈ¡Ö÷»ú¿ØÖÆȨ¡£¡£¡£¡£¡£ApacheCommonsConfigurationÊÇÓÃÓÚÖÎÀíÉèÖÃÎļþµÄ×é¼þ£¬£¬ £¬£¬£¬ÔÚ2.8ÒÔÇ°µÄ²¿·Ö°æ±¾ÖÐÖ§³ÖÁ˶àÖÖ±äÁ¿È¡Öµ·½·¨£¬£¬ £¬£¬£¬°üÀ¨javax.script¡¢dnsºÍurl£¬£¬ £¬£¬£¬µ¼Ö¿ÉÒÔÖ´ÐÐí§Òâ´úÂë»ò¾ÙÐÐÍøÂç»á¼û¡£¡£¡£¡£¡£ApacheCommonsTextÊÇÒ»¸öרעÓÚ×Ö·û´®Ëã·¨µÄ¿â¡£¡£¡£¡£¡£

¸üÐÂʱ¼ä£º

20221014