Skip to content

Consider to upgrade to use fastjson 1.2.58 for 2.6.x #4623

Closed
Closed
Consider to upgrade to use fastjson 1.2.58 for 2.6.x#4623
@qixiaobo

Description

@qixiaobo
qixiaobo
opened on Jul 22, 2019

I have searched the issues of this repository and believe that this is not a duplicate.
I have checked the FAQ of this repository and believe that this is not a duplicate.
Environment
Dubbo version: 2.6.x
Operating System version: all
Java version: all
Steps to reproduce this issue
fastjson <= 1.2.48 considers vulnerable, see https://www.anquanke.com/post/id/181874
we are using 1.2.46, I think it's better to use the latest version fastjson-1.2.58 if possible.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions