每日分享好工具
-
Spring Security OAuth2 远程命令执行漏洞(CVE-2016-4977)
Spring Security OAuth 2.0 – 2.0.9
Spring Security OAuth 1.0 – 1.0.5
-
Spring WebFlow 远程代码执行漏洞(CVE-2017-4971)
Spring Web Flow 2.4.0-2.4.4
-
Spring Data Rest 远程命令执行漏洞(CVE-2017-8046)
Spring Data REST versions < 2.5.12, 2.6.7, 3.0 RC3
Spring Boot version < 2.0.0M4
Spring Data release trains < Kay-RC3
-
Spring Messaging 远程命令执行漏洞(CVE-2018-1270)
Spring Framework 5.0 -5.0.4
Spring Framework 4.3 - 4.3.14
-
Spring Data Commons 远程命令执行漏洞(CVE-2018-1273)
Spring Data Commons 1.13 - 1.13.10
Spring Data Commons 2.0 - 2.0.5
4、spring框架多线程漏洞扫描
参考:
https://zhuanlan.zhihu.com/p/62503952
https://blog.csdn.net/csacs/article/details/87951940
https://www.cnblogs.com/jinqi520/p/12033860.html
https://github.com/YanMu2020/SpringScan
https://github.com/YanMu2020/SpringScan
本文始发于微信公众号(LemonSec):spring框架漏洞扫描
- 左青龙
- 微信扫一扫
- 右白虎
- 微信扫一扫
评论