search

didi / KnowStreaming

一站式云原生实时流数据平台,通过0侵入、插件化构建企业级Kafka服务,极大降低操作、存储和管理实时流数据门槛
https://knowstreaming.com
GNU Affero General Public License v3.0
6.99k stars 1.28k forks source link

There is a vulnerability in spring 5.1.3.RELEASE ,upgrade recommended #270

Closed QiAnXinCodeSafe closed 2 years ago

QiAnXinCodeSafe commented 3 years ago

https://github.com/didi/Logi-KafkaManager/blob/74aeb55acb402a63f6de8a1f4300c66595a26494/kafka-manager-common/pom.xml#L25

CVE-2020-5398 CVE-2020-5421

Recommended upgrade version:5.1.18.RELEASE

ZQKC commented 2 years ago

近期2.6.0版本我们处理一下该问题~