public/dataease
1
0
Fork 0
mirror of https://github.com/dataease/dataease.git synced 2026-05-15 05:22:13 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: 【漏洞】DataEase DB2 JNDI Vulnerability

Browse Source
This commit is contained in:
taojinlong
2025-11-17 15:09:37 +08:00
committed by taojinlong
parent 89de37b49c
commit b7e585c1cc
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
core/core-backend/src/main/java/io/dataease/datasource/type/Db2.java
View File

@@ -20,7 +20,7 @@ public class Db2 extends DatasourceConfiguration {
// 新增LDAP协议及相关危险参数
"ldap://", "ldaps://", "java.naming.factory.object", "java.naming.factory.state",
// 其他JDBC危险参数
"autoDeserialize", "connectionProperties", "initSQL", "dns", "file", "ftp"
"autoDeserialize", "connectionProperties", "initSQL", "dns", "file", "ftp", "iiop", "corbaname", "iiopname"
);
public String getJdbc() {