mrhking / mmqtt Goto Github PK
View Code? Open in Web Editor NEWAn Open-Source, Distributed MQTT Broker for IoT.
License: Apache License 2.0
An Open-Source, Distributed MQTT Broker for IoT.
License: Apache License 2.0
检测到 MrHKing/mmqtt 一共引入了64个开源组件,存在21个漏洞
漏洞标题:Vmware VMware Spring Security 权限许可和访问控制问题漏洞
缺陷组件:org.springframework.security:[email protected]
漏洞编号:CVE-2021-22112
漏洞描述:Vmware VMware Spring Security是美国威睿(Vmware)公司的一套为基于Spring的应用程序提供说明性安全保护的安全框架。
VMware Spring Security 中存在权限许可和访问控制问题漏洞。该漏洞源于攻击者可以通过Spring Security的多个SecurityContext更改绕过限制,以提升其权限。以下产品及版本受到影响:Spring Security 5.4.0 至 5.4.3 版本, Spring Security 5.3.0.RELEASE 至 5.3.7.RELEASE 版本, Spring Security 5.2.0.RELEASE 至 5.2.8.RELEASE 版本。
影响范围:(∞, 5.2.9.RELEASE)
最小修复版本:5.2.9.RELEASE
缺陷组件引入路径:org.monkey.mmq:[email protected]>org.springframework.boot:[email protected]>org.springframework.security:[email protected]>org.springframework.security:[email protected]
另外还有21个漏洞,详细报告:https://mofeisec.com/jr?p=i7f469
V1.1.1好像在mysql存储有bug
新建规则引擎资源时,点击测试连接,测试失败没有弹出提示,请求返回状态码400
应该是有文件丢失了~~
com.microsoft.sqlserver.jdbc.SQLServerException: 驱动程序无法通过使用安全套接字层(SSL)加密与 SQL Server 建立安全连接
编辑一个已有的规则引擎资源时,弹出的表单是未填写的状态,未显示已填写内容。
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.