sevck opened a new issue #2062: URL: https://github.com/apache/rocketmq/issues/2062
Fastjson is less than 1.2.68 There is a remote command execution vulnerability. Alibaba's official website has also updated the security version for this purpose, and it is strongly recommended to fix. All versions of fastjson have remote command execution. Hackers can directly obtain server permissions. please update. alibaba news: https://github.com/alibaba/fastjson/wiki/security_update_20200601 https://github.com/alibaba/fastjson/releases ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
