Apache Dubbo Vulnerabilities
Apache Apache Dubbo vulnerabilities.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Bypass serialize checks in Apache Dubbo
CVE-2023-29234ApacheApache DubboEPSS 87%9.8CRITICALApache Dubbo: Bypass deny serialize list check in Apache Dubbo
CVE-2023-46279ApacheApache Dubbo9.8CRITICALApache Dubbo Deserialization Vulnerability Gadgets Bypass
CVE-2023-23638ApacheApache DubboπΎπ‘EPSS 65%5MEDIUMApache Dubbo Hession Deserialization Vulnerability Gadgets Bypass
CVE-2022-39198ApacheApache Dubbo9.8CRITICALbypass of CVE-2021-25640
CVE-2022-24969ApacheApache Dubbo6.1MEDIUMDubbo Hessian cause RCE when parse error
CVE-2021-43297ApacheApache DubboπΎπ‘EPSS 46%9.8CRITICALBypass deserialization checks in Apache Dubbo
CVE-2021-37579ApacheApache Dubbo9.8CRITICALUnprotected input value toString cause RCE
CVE-2021-36161ApacheApache Dubbo9.8CRITICALUnsafe deserialization in providers using the Hessian protocol
CVE-2021-36163ApacheApache Dubbo9.8CRITICALUnprotected yaml deserialization cause RCE
CVE-2021-36162ApacheApache Dubbo8.8HIGHOpen Redirect or SSRF vulnerability usage of parseURL
CVE-2021-25640ApacheApache Dubbo6.1MEDIUMDubbo Zookeeper does not check serialization id
CVE-2021-25641ApacheApache DubboπΎπ‘EPSS 74%9.8CRITICALApache Dubbo Pre-auth RCE via Java deserialization in the Generic filter
CVE-2021-30179ApacheApache Dubbo9.8CRITICALApache Dubbo RCE on customers via Condition route poisoning (Unsafe YAML unmarshaling)
CVE-2021-30180ApacheApache Dubbo9.8CRITICALApache Dubbo RCE on customers via Script route poisoning (Nashorn script injection)
CVE-2021-30181ApacheApache Dubbo9.8CRITICALApache Dubbo default deserialization protocol Hessian2 cause CRE
CVE-2020-11995ApacheApache Dubbo9.8CRITICALRemote Code Execution Vulnerability in Apache Dubbo by Apache
CVE-2020-1948ApacheApache DubboπΎπ‘EPSS 67%9.8CRITICALUnsafe Deserialization Vulnerability in Apache Dubbo HTTP Remoting
CVE-2019-17564ApacheApache DubboπΎπ‘EPSS 93%9.8CRITICAL