CVE-2023-1436 from jettison 1.5.2/1.5.3

Question

emmansun opened this issue a year ago · 2 comments

请升级依赖包jettison 到1.5.4。

Answer 1 · 2024-05-14T05:26:53.000Z

还有依赖httpClient也要升级！
CVE-2020-13956 5.3 Improper Input Validation vulnerability with Medium severity found

Answer 2 · 2024-06-24T01:36:59.000Z

org.codehaus.jettison这啥包?怎么还有人用? 用你们自己的fastjson或者jackson不香吗? 搞得一个项目好几个json库