fastjson deserialization arbitrary code execution security vulnerability #106

tianliuliu · 2022-05-26T06:30:34Z

when fastjson <= 1.2.80 , there are fastjson deserialization arbitrary code execution security vulnerability,

https://www.oscs1024.com/hd/MPS-2022-11320

[ISSUE #106] fix fastjson update version to 1.2.83

tianliuliu added a commit to tianliuliu/rocketmq-mqtt that referenced this issue May 26, 2022

fix apache#106 fastjson update version to 1.2.83

2d241d1

tianliuliu mentioned this issue May 26, 2022

[ISSUE #106] fix fastjson update version to 1.2.83 #107

Merged

tianliuliu closed this as completed in #107 May 26, 2022

tianliuliu added a commit that referenced this issue May 26, 2022

Merge pull request #107 from tianliuliu/fix_fastjson

3a8b982

[ISSUE #106] fix fastjson update version to 1.2.83

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fastjson deserialization arbitrary code execution security vulnerability #106

fastjson deserialization arbitrary code execution security vulnerability #106

tianliuliu commented May 26, 2022

fastjson deserialization arbitrary code execution security vulnerability #106

fastjson deserialization arbitrary code execution security vulnerability #106

Comments

tianliuliu commented May 26, 2022