We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
sofa版本2.2.2,其中引入的三方库netty 4.1.90.Final中扫描出开源漏洞: CVE-2023-34462 CVE-2023-44487 CVE-2023-4586 漏洞查询参考信息: https://www.cnnvd.org.cn/home/loophole
sofa版本2.2.2,其中引入的三方库logback 1.2.9中扫描出开源漏洞: CVE-2023-6378 漏洞查询参考信息: https://www.cnnvd.org.cn/home/loophole
The text was updated successfully, but these errors were encountered:
麻烦看下新版本,还有没有漏洞问题呢?
Sorry, something went wrong.
最新版本3.1.0依赖的netty 4.1.94.Final,目前已知的4.1.100.Final还有有漏洞问题 问题参考: spring-projects/spring-boot#38094
那这用什么版本呢?方便提个pr吗?
Successfully merging a pull request may close this issue.
sofa版本2.2.2,其中引入的三方库netty 4.1.90.Final中扫描出开源漏洞:
CVE-2023-34462
CVE-2023-44487
CVE-2023-4586
漏洞查询参考信息:
https://www.cnnvd.org.cn/home/loophole
sofa版本2.2.2,其中引入的三方库logback 1.2.9中扫描出开源漏洞:
CVE-2023-6378
漏洞查询参考信息:
https://www.cnnvd.org.cn/home/loophole
The text was updated successfully, but these errors were encountered: