CVE-2023-23638
Apache Dubbo Deserialization Vulnerability Gadgets Bypass
A deserialization vulnerability existed when dubbo generic invoke, which could lead to malicious code execution.
This issue affects Apache Dubbo 2.7.x version 2.7.21 and prior versions; Apache Dubbo 3.0.x version 3.0.13 and prior versions; Apache Dubbo 3.1.x version 3.1.5 and prior versions.
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Produtos afetados
Apache Software Foundation · Apache DubboQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →