New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unsafe deserialization in com.alibaba:fastjson #878
Comments
ok, we will try replace it in the next minor version. |
@king1302217 The java sdk is using this version: Line 96 in 64e42bf
So, can we say it is safe now? |
@yhmo Fastjson is forbidden to use in my company. As far as I know, this jar is forbidden in many companies. So it is better to fix it in the next version |
@yhmo Our company also prohibits the use of Fastjson, and we have the same requirement. Can you optimize and upgrade it |
Currently, the |
Yes, but i think it is very necessary to fix because many companies prohibit the use of Fastjson. So hope we can upgrade in next version. @yhmo |
Note: |
milvus-sdk-java rely on fastjson. This jar is unsafe to use. Can we upgrate fastjson to other jar, such as jackson or gson?
The text was updated successfully, but these errors were encountered: