Tembrel
commented
2 years ago Restlet does not refer to Spring's SerializationUtils, which appears to be at the heart of the vulnerability.
Open chenhliang opened 2 years ago
Tembrel
commented
2 years ago Restlet does not refer to Spring's SerializationUtils, which appears to be at the heart of the vulnerability.
Component of restlet-framework-java [spring-beans 3.2.8.RELEASE]. The RCE 0day vulnerability may exist. Please check whether exists. If yes, how to rectify the fault. Thank you.