Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

2024-09-04 Report CVE vulnerability #12595

Closed
liuxin638507 opened this issue Sep 4, 2024 · 0 comments · Fixed by #12596
Closed

2024-09-04 Report CVE vulnerability #12595

liuxin638507 opened this issue Sep 4, 2024 · 0 comments · Fixed by #12596
Labels
dependencies Pull requests that update a dependency file

Comments

@liuxin638507
Copy link

liuxin638507 commented Sep 4, 2024
edited
Loading

Describe the bug
A clear and concise description of what the bug is.
image
and

hit :["spring version less than 5.3.38"]
path:/app.jar(BOOT-INF/lib/spring-core-5.3.34.jar)

Expected behavior
A clear and concise description of what you expected to happen.

Actually behavior
A clear and concise description of what you actually to happen.

How to Reproduce
Steps to reproduce the behavior:

  1. Go to '...'
  2. Click on '....'
  3. Scroll down to '....'
  4. See errors

Desktop (please complete the following information):

  • OS: [e.g. Centos]
  • Version [e.g. nacos-server 1.3.1, nacos-client 1.3.1]
  • Module [e.g. naming/config]
  • SDK [e.g. original, spring-cloud-alibaba-nacos, dubbo]

Additional context
Add any other context about the problem here.
@liuxin638507 liuxin638507 changed the title None. 20240904 The log reports a CVE vulnerability 2024-09-04 Report CVE vulnerability Sep 4, 2024
@KomachiSion KomachiSion mentioned this issue Sep 4, 2024
Merged
5 tasks
@KomachiSion KomachiSion added the dependencies Pull requests that update a dependency file label Sep 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Upgrade spring to 5.3.39 and tomcat to 9.0.93 KomachiSion/nacos
2 participants
@liuxin638507 @KomachiSion