[SHIRO-824] how to create an allow list avoid deserialize vulnerability - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Question
Status: Closed
Priority: Critical
Resolution: Not A Problem
Affects Version/s: 1.7.1
Fix Version/s: None
Component/s: RememberMe
Labels:
None

Description

how to create an allow list (or similar), to avoid deserialize vulnerability like Shiro-550 whith rememberMe? i really check doc and google, icant't find one. thx

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: k4n5hao

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 05/Jun/21 13:43

Updated:: 07/Jun/21 17:25

Resolved:: 07/Jun/21 17:25