We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
大佬,看你这个项目调用了com.google.guava:guava等6个开源组件,存在2个安全漏洞,建议你升级下。
漏洞标题:Google Guava 代码问题漏洞 漏洞编号:CVE-2018-10237 漏洞描述: Google Guava是美国谷歌(Google)公司的一款包括图形库、函数类型、I/O和字符串处理等的Java核心库。 Google Guava 11.0版本至24.1.1版本(不包括24.1.1版本)中存在代码问题漏洞。该漏洞源于网络系统或产品的代码开发过程中存在设计或实现不当的问题。 国家漏洞库信息:https://www.cnvd.org.cn/flaw/show/CNVD-2018-10064 影响范围:[11.0, 24.1.1-android) 最小修复版本:24.1.1-android 引入路径: org.example:[email protected]>org.reflections:[email protected]>com.google.guava:[email protected]
另外1个漏洞 ,信息有点多我就不贴了,你自己看下完整报告:https://www.mfsec.cn/jr?p=i1cf99 你对这个issues有任何疑问可以回复我,我能看见哈。
The text was updated successfully, but these errors were encountered:
No branches or pull requests
大佬,看你这个项目调用了com.google.guava:guava等6个开源组件,存在2个安全漏洞,建议你升级下。
另外1个漏洞 ,信息有点多我就不贴了,你自己看下完整报告:https://www.mfsec.cn/jr?p=i1cf99
你对这个issues有任何疑问可以回复我,我能看见哈。
The text was updated successfully, but these errors were encountered: