cc.ecore:spring-jfinal (=0.0.1), cc.ecore:spring-jfinal-plugin (>=0.1.0 <=0.1.2) +162 more potentially affected by CVE-2021-31649 via com.jfinal:jfinal (>=1.4 <=4.9.08)

com.jfinal:jfinal MAVEN version =1.4, =0.1.0, =0.1.1, =1.0.0, =1.0, =3.30.7-RELEASE, =0.0.8, =0.0.8, =0.0.8, =1.29.1.trial, =1.29.1.trial, =1.45.0 - cn.dreampie:jfinal-akka =0.1 - cn.dreampie:jfinal-captcha =0.1 and more Source cves: CVE-2021-31649 Source advisory: OSV:GHSA-H3J8-FR5Q-8RFR...

CVE-2021-31649

In applications using jfinal 4.9.08 and below, there is a deserialization vulnerability when using redis,may be vulnerable to remote code execute...