Skip to content

CVE-2024-38816 漏洞 #12686

New issue
New issue
Closed
Closed
CVE-2024-38816 漏洞#12686
Labels
contribution welcomedependenciesPull requests that update a dependency file
@Boranget

Description

@Boranget
Boranget
opened on Sep 25, 2024

nacos开发组你们好:
我们的项目使用了Nacos 2.4.2,今天进行漏洞扫描时扫到了漏洞 CVE-2024-38816,描述如下:

软件:spring 5.3.39
命中:["spring version less than equals 5.3.39"]
路径:C:\startup\nacos2.4.2\nacos\target\nacos-server.jar(BOOT-INF/lib/spring-core-5.3.39.jar)
扩展信息:{"jdk_version": ""}

我查看了最新版本的nacos所依赖的版本仍是5.3.39
望尽快修复。

Metadata

Metadata

Assignees

No one assigned

    Labels

    contribution welcomedependenciesPull requests that update a dependency file

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions