ÿÖÜÉý¼¶²¼¸æ-2022-10-14

°ä²¼¹¦·ò 2022-10-14
ÐÂÔöÊÂÎñ

 

ÊÂÎñÃû³Æ£º

HTTP_ÌáȨ¹¥»÷_Apache_Commons_´úÂëÖ´ÐÐ[CVE-2022-33980/CVE-2022-42889]

°²È«ÀàÐÍ£º

°²È«·ì϶

ÊÂÎñÃèÊö£º

¼ì²âµ½Ô´ipÖ÷»úÔÚÀûÓÃÖ÷ÕÅÖ÷»úÉÏApacheµÄCommons_Configuration»òCommons_Text¿âÖдæÔڵķì϶ £¬»ú¹Ø¶ñÒâ±í°×ʽ½øÐй¥»÷ £¬»ñÈ¡Ö÷»úÁé¸ÐÐÅÏ¢¡¢Ö´ÐÐËÁÒâ´úÂë¡¢»òÓÕµ¼Ö÷ÕÅÖ÷»ú½øÐбíÁªµÈ²Ù×÷ £¬´Ó¶ø»ñÈ¡Ö÷»ú½ÚÔìȨ¡£ApacheCommonsConfigurationÊÇÓÃÓÚÖÎÀíÅäÖÃÎļþµÄ×é¼þ £¬ÔÚ2.8ÒÔÇ°µÄ²¿ÃÅ°æ±¾ÖÐÖ§³ÖÁ˶àÖÖ±äÁ¿È¡Öµ·½Ê½ £¬Ô̺¬javax.script¡¢dnsºÍurl £¬µ¼ÖÂÄܹ»Ö´ÐÐËÁÒâ´úÂë»ò½øÐÐÍøÂç½Ó¼û¡£ApacheCommonsTextÊÇÒ»¸öרһÓÚ×Ö·û´®Ëã·¨µÄ¿â¡£

¸üй¦·ò£º

20221014