CVE:
https://www.openwall.com/lists/oss-security/2023/07/19/3
代码修复:
https://github.com/apache/shardingsphere/commit/f84fd2abf454791b4e3d4a5fb79c5e40f421df08
关于 SnakeYAML RCE:
https://github.com/artsploit/yaml-payload/
原文始发于微信公众号(Ots安全):CVE-2023-28754 Apache ShardingSphere RCE(SnakeYAML 反序列化)
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论