Apache Dubbo is a lightweight Java-based RPC (remote procedure call) framework from the Apache Foundation in the United States. The product provides interface-based remote calling, fault tolerance and load balancing, and automatic service registration and discovery.A security vulnerability exists in Apache Dubbo, which stems from insecure deserialization of serialized data received by an application from a user, and could be exploited by an attacker to cause malicious code execution.
CPE | Name | Operator | Version |
---|---|---|---|
apache dubbo >=2.7.0, | le | 2.7.21 | |
apache dubbo >=3.0.0, | le | 3.0.13 | |
apache dubbo >=3.1.0, | le | 3.1.5 |