CVE-2019-17564-FastJson-Gadget icon indicating copy to clipboard operation
CVE-2019-17564-FastJson-Gadget copied to clipboard

Published 20 hours ago verified publisher icon Dor-Tumarkin

Metadata

Basic code for creating the Alibaba FastJson + Spring gadget chain, as used to exploit Apache Dubbo in CVE-2019-17564 - more information available at https://www.checkmarx.com/blog/apache-dubbo-unauth...

Results 2 CVE-2019-17564-FastJson-Gadget issues
Sort by recently updated
recently updated
newest added

Bump spring-web from 5.1.9.RELEASE to 6.0.0

Bumps [spring-web](https://github.com/spring-projects/spring-framework) from 5.1.9.RELEASE to 6.0.0. Release notes Sourced from spring-web's releases. v6.0.0 See What's New in Spring Framework 6.x and Upgrading to Spring Framework 6.x for upgrade instructions and...

dependabot[bot] avatar dependabot[bot]

dependencies

Bump dubbo from 2.7.3 to 2.7.15

Bumps [dubbo](https://github.com/apache/dubbo) from 2.7.3 to 2.7.15. Release notes Sourced from dubbo's releases. dubbo-2.7.15 Bugfix dubbo-spring-boot-actuator compatible with Spring Boot Actuator 2.6.x Check before use to avoid possible NPE in MetadataInfo...

dependabot[bot] avatar dependabot[bot]

dependencies

Metadata

15
Stars
2
Forks
Watchers

Owner

verified publisher icon Dor-Tumarkin

Metadata

Basic code for creating the Alibaba FastJson + Spring gadget chain, as used to exploit Apache Dubbo in CVE-2019-17564 - more information available at https://www.checkmarx.com/blog/apache-dubbo-unauth...

Back