ÿÖÜÉý¼¶Í¨¸æ-2022-10-14

Ðû²¼Ê±¼ä 2022-10-14
ÐÂÔöÊÂÎñ

 

ÊÂÎñÃû³Æ£º

HTTP_ÌáȨ¹¥»÷_Apache_Commons_´úÂëÖ´ÐÐ[CVE-2022-33980/CVE-2022-42889]

Çå¾²ÀàÐÍ£º

Çå¾²Îó²î

ÊÂÎñÐÎò£º

¼ì²âµ½Ô´ipÖ÷»úÕýÔÚʹÓÃÄ¿µÄÖ÷»úÉÏApacheµÄCommons_Configuration»òCommons_Text¿âÖб£´æµÄÎó²î£¬½á¹¹¶ñÒâ±í´ïʽ¾ÙÐй¥»÷£¬»ñÈ¡Ö÷»úÃô¸ÐÐÅÏ¢¡¢Ö´ÐÐí§Òâ´úÂë¡¢»òÓÕµ¼Ä¿µÄÖ÷»ú¾ÙÐÐÍâÁªµÈ²Ù×÷£¬´Ó¶ø»ñÈ¡Ö÷»ú¿ØÖÆȨ¡£ApacheCommonsConfigurationÊÇÓÃÓÚÖÎÀíÉèÖÃÎļþµÄ×é¼þ£¬ÔÚ2.8ÒÔÇ°µÄ²¿·Ö°æ±¾ÖÐÖ§³ÖÁ˶àÖÖ±äÁ¿È¡Öµ·½·¨£¬°üÀ¨javax.script¡¢dnsºÍurl£¬µ¼Ö¿ÉÒÔÖ´ÐÐí§Òâ´úÂë»ò¾ÙÐÐÍøÂç»á¼û¡£ApacheCommonsTextÊÇÒ»¸öרעÓÚ×Ö·û´®Ëã·¨µÄ¿â¡£

¸üÐÂʱ¼ä£º

20221014