8000 同学,您这个项目引入了3个开源组件,存在3个漏洞,辛苦升级一下 · Issue #1 · justcodingxr/SSM · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings
同学,您这个项目引入了3个开源组件,存在3个漏洞,辛苦升级一下 #1
New issue
New issue
Open
Open
同学,您这个项目引入了3个开源组件,存在3个漏洞,辛苦升级一下#1
@ghost

Description

@ghost
ghost
opened on Mar 7, 2022

检测到 justcodingxr/SSM 一共引入了3个开源组件,存在3个漏洞

漏洞标题:Oracle MySQL 输入验证错误漏洞
缺陷组件:mysql:mysql-connector-java@8.0.13
漏洞编号:CVE-2021-2471
漏洞描述:Oracle MySQL是美国甲骨文(Oracle)公司的一套开源的关系数据库管理系统。
Oracle MySQL 的 MySQL Connectors 产品中存在输入验证错误漏洞,该漏洞允许高特权攻击者通过多种协议访问网络来破坏 MySQL 连接器。成功攻击此漏洞会导致对关键数据的未授权访问或对所有 MySQL 连接器可访问数据的完全访问,以及导致 MySQL 连接器挂起或频繁重复崩溃。
影响范围:(∞, 8.0.27)
最小修复版本:8.0.27
缺陷组件引入路径:org.example:03mybatis_impDao@1.0-SNAPSHOT->mysql:mysql-connector-java@8.0.13

另外还有3个漏洞,详细报告:https://mofeisec.com/jr?p=iba8fc

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions
      0