weixin-java-tools/pom.xml at 05411dac62e867071f27c5c2423b4b7ff09e0ce9

mirror of https://gitee.com/binary/weixin-java-tools.git synced 2026-03-10 00:13:40 +08:00

Files

Binary Wang 4223abfae6 Upgrade com.thoughtworks.xstream:xstream to version 1.4.11

It was found that xstream API version 1.4.10 before 1.4.11 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands when unmarshalling XML or any supported format. e.g. JSON. (regression of CVE-2013-7285)

2019-07-29 10:23:58 +08:00

12 KiB

Raw Blame History

View Raw

12 KiB Raw Blame History

12 KiB

Raw Blame History