Apache Dubbo Vulnerabilities
Apache Apache Dubbo vulnerabilities.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Bypass serialize checks in Apache Dubbo
CVE-2023-29234ApacheApache Dubbo9.8CRITICALApache Dubbo: Bypass deny serialize list check in Apache Dubbo
CVE-2023-46279ApacheApache Dubbo9.8CRITICALApache Dubbo Deserialization Vulnerability Gadgets Bypass
CVE-2023-23638ApacheApache DubboπΎπ‘5MEDIUMApache Dubbo Hession Deserialization Vulnerability Gadgets Bypass
CVE-2022-39198ApacheApache Dubbo9.8CRITICALbypass of CVE-2021-25640
CVE-2022-24969ApacheApache Dubbo6.1MEDIUMDubbo Hessian cause RCE when parse error
CVE-2021-43297ApacheApache DubboπΎπ‘9.8CRITICALBypass deserialization checks in Apache Dubbo
CVE-2021-37579ApacheApache Dubbo9.8CRITICALUnprotected input value toString cause RCE
CVE-2021-36161ApacheApache Dubbo9.8CRITICALUnsafe deserialization in providers using the Hessian protocol
CVE-2021-36163ApacheApache Dubbo9.8CRITICALUnprotected yaml deserialization cause RCE
CVE-2021-36162ApacheApache Dubbo8.8HIGHOpen Redirect or SSRF vulnerability usage of parseURL
CVE-2021-25640ApacheApache Dubbo6.1MEDIUMApache Dubbo RCE on customers via Condition route poisoning (Unsafe YAML unmarshaling)
CVE-2021-30180ApacheApache Dubbo9.8CRITICALApache Dubbo RCE on customers via Script route poisoning (Nashorn script injection)
CVE-2021-30181ApacheApache Dubbo9.8CRITICALDubbo Zookeeper does not check serialization id
CVE-2021-25641ApacheApache DubboπΎπ‘9.8CRITICALApache Dubbo Pre-auth RCE via Java deserialization in the Generic filter
CVE-2021-30179ApacheApache Dubbo9.8CRITICALApache Dubbo default deserialization protocol Hessian2 cause CRE
CVE-2020-11995ApacheApache Dubbo9.8CRITICAL- CVE-2020-1948ApacheApache DubboπΎπ‘9.8CRITICAL
- CVE-2019-17564ApacheApache DubboπΎπ‘9.8CRITICAL
15 December 2023
8 March 2023
18 October 2022
9 June 2022
10 January 2022
9 September 2021
7 September 2021
1 June 2021
11 January 2021
14 July 2020
1 April 2020
No more vulnerabilities to load.