⬆️ XStream < 1.4.15 反序列化漏洞(CVE-2020-26258、CVE-2020-26259)

This commit is contained in:
ronger 2021-03-16 11:00:26 +08:00
parent e7afb5e67e
commit ab45193ae8

11
pom.xml
View File

@ -172,7 +172,7 @@
<dependency> <dependency>
<groupId>com.github.binarywang</groupId> <groupId>com.github.binarywang</groupId>
<artifactId>weixin-java-open</artifactId> <artifactId>weixin-java-open</artifactId>
<version>3.9.0</version> <version>4.0.0</version>
<exclusions> <exclusions>
<exclusion> <exclusion>
<groupId>commons-codec</groupId> <groupId>commons-codec</groupId>
@ -182,8 +182,17 @@
<groupId>commons-io</groupId> <groupId>commons-io</groupId>
<artifactId>commons-io</artifactId> <artifactId>commons-io</artifactId>
</exclusion> </exclusion>
<exclusion>
<groupId>com.thoughtworks.xstream</groupId>
<artifactId>xstream</artifactId>
</exclusion>
</exclusions> </exclusions>
</dependency> </dependency>
<dependency>
<groupId>com.thoughtworks.xstream</groupId>
<artifactId>xstream</artifactId>
<version>1.4.15</version>
</dependency>
<dependency> <dependency>
<groupId>com.github.jedis-lock</groupId> <groupId>com.github.jedis-lock</groupId>
<artifactId>jedis-lock</artifactId> <artifactId>jedis-lock</artifactId>