sparkzxl-framework
sparkzxl-framework copied to clipboard
zhouxinlei828
sparkzxl 基于spring boot的组件库
Bumps [dubbo](https://github.com/apache/dubbo) from 3.0.10 to 3.0.12. Release notes Sourced from dubbo's releases. dubbo-3.0.12 What's Changed optimize AccessLogFilter by @a364176773 in apache/dubbo#10488 Add some test cases and optimizations by @BurningCN in...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [dubbo](https://github.com/apache/dubbo) from 3.0.10 to 3.0.12. Release notes Sourced from dubbo's releases. dubbo-3.0.12 What's Changed optimize AccessLogFilter by @a364176773 in apache/dubbo#10488 Add some test cases and optimizations by @BurningCN in...
Bumps [protobuf-java](https://github.com/protocolbuffers/protobuf) from 3.20.1 to 3.20.3. Release notes Sourced from protobuf-java's releases. Protocol Buffers v3.20.3 Java Refactoring java full runtime to reuse sub-message builders and prepare to migrate parsing logic...
Bumps [aws-java-sdk-s3](https://github.com/aws/aws-sdk-java) from 1.11.941 to 1.12.261. Changelog Sourced from aws-java-sdk-s3's changelog. 1.12.261 2022-07-14 AWS Config Features Update ResourceType enum with values for Route53Resolver, Batch, DMS, Workspaces, Stepfunctions, SageMaker, ElasticLoadBalancingV2, MSK...
检测到 sparkzxl/sparkzxl-framework 一共引入了3227个开源组件,存在147个漏洞 ``` 漏洞标题:netty 安全漏洞 缺陷组件:io.netty:[email protected] 漏洞编号:CVE-2021-37136 漏洞描述:Netty是Netty社区的一款非阻塞I/O客户端-服务器框架,它主要用于开发Java网络应用程序,如协议服务器和客户端等。 netty存在安全漏洞,该漏洞源于Bzip2 decompression decoder功能不允许对解压输出数据设置大小限制(这会影响解压期间使用的分配大小)。攻击者可利用该漏洞引发DoS攻击。 影响范围:(∞, 4.1.68.Final) 最小修复版本:4.1.68.Final 缺陷组件引入路径:com.github.sparkzxl:[email protected]>org.springframework.boot:[email protected]>org.springframework.boot:[email protected]>io.projectreactor.netty:[email protected]>io.netty:[email protected]>io.netty:[email protected] ``` 另外还有147个漏洞,详细报告:https://mofeisec.com/jr?p=i89058
![dependasec[bot] avatar](https://avatars.githubusercontent.com/in/180093?v=4 "dependasec[bot] avatar"){kind=avatar}
你这个sparkzxl-cache-starter项目里面的这个CaffeineCacheImpl 的increment 这个方法,代码实现逻辑上有bug 方法的全路径:com.github.sparkzxl.cache.service.CaffeineCacheImpl#increment(java.lang.String)
Bumps [okio](https://github.com/square/okio) from 2.8.0 to 3.4.0. Changelog Sourced from okio's changelog. Version 3.4.0 2023-07-07 New: Adapt a Java NIO FileSystem (java.nio.file.FileSystem) as an Okio FileSystem using fileSystem.asOkioFileSystem(). New: Adapt Android’s...
Bumps [bcprov-jdk15to18](https://github.com/bcgit/bc-java) from 1.72 to 1.74. Changelog Sourced from bcprov-jdk15to18's changelog. 2.1.1 Version Release: 1.76 Date: TBD 2.2.1 Version Release: 1.75 Date: 2023, June 21st 2.3.1 Version Release: 1.74 Date: ...
Bumps [grpc-protobuf](https://github.com/grpc/grpc-java) from 1.44.1 to 1.53.0. Release notes Sourced from grpc-protobuf's releases. v1.53.0 New Features googleapis: Allow user set c2p bootstrap config (#9856) xds: Add contain and stringMatcher in RouteConfiguration...
Bumps [guava](https://github.com/google/guava) from 30.1.1-jre to 32.0.0-jre. Release notes Sourced from guava's releases. 32.0.0 Maven <dependency> <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> <version>32.0.0-jre</version> <!-- or, for Android: --> <version>32.0.0-android</version> </dependency> Jar files 32.0.0-jre.jar 32.0.0-android.jar Guava...