New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Tomcat CVE-2023-42795漏洞有升级计划嘛 #2705

Closed

1 task

JianhuaGong opened this issue Oct 20, 2023 · 3 comments

Closed

1 task

Tomcat CVE-2023-42795漏洞有升级计划嘛 #2705

JianhuaGong opened this issue Oct 20, 2023 · 3 comments

Milestone

JianhuaGong commented Oct 20, 2023

我已经在 issues 里搜索，没有重复的issue。

环境信息

arthas-boot.jar 或者 as.sh 的版本： 3.6.6，3.7.0
Arthas 版本: 3.7.0
操作系统版本: 无
目标进程的JVM版本: 无
执行arthas-boot的版本: 无

重现问题的步骤

漏洞说明：https://nvd.nist.gov/vuln/detail/CVE-2023-42795

The text was updated successfully, but these errors were encountered:

Collaborator

hengyunabc commented Oct 20, 2023

是指 tunnel server 吗？arthas里应该只有这里用到。可以先自己改下依赖打包。

Author

JianhuaGong commented Oct 21, 2023

是的，社区最好在下一版本也修复一下。

hengyunabc added this to the 4.0.0 milestone

Collaborator

hengyunabc commented Jul 21, 2024

spring boot升级已到 2.7.18

hengyunabc closed this as completed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment