Lucene search
K

CVE-2021-43297 Dubbo Hessian cause RCE when parse error

🗓️ 10 Jan 2022 15:25:48Reported by apacheType 
cvelist
 cvelist
🔗 www.cve.org👁 16 Views

Deserialization vulnerability in Dubbo Hessian-lite 3.2.11 and earlier allows RCE via parsing erro

Related
Affected
Refs
ReporterTitlePublishedViews
Family
GithubExploit
Exploit for Deserialization of Untrusted Data in Apache Dubbo
17 Jan 202212:26
githubexploit
ATTACKERKB
CVE-2021-43297
10 Jan 202216:15
attackerkb
Circl
CVE-2021-43297
14 Jan 202207:16
circl
CNNVD
Apache Dubbo 代码问题漏洞
10 Jan 202200:00
cnnvd
CNVD
Apache Dubbo Deserialization Vulnerability (CNVD-2022-05106)
14 Jan 202200:00
cnvd
CVE
CVE-2021-43297
10 Jan 202215:25
cve
Github Security Blog
Deserialization of Untrusted Data in Dubbo
12 Jan 202222:51
github
NVD
CVE-2021-43297
10 Jan 202216:15
nvd
OSV
GHSA-VP5X-3V8R-QPRW Deserialization of Untrusted Data in Dubbo
12 Jan 202222:51
osv
Prion
Deserialization of untrusted data
10 Jan 202216:15
prion
Rows per page
[
  {
    "product": "Apache Dubbo",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThan": "2.6.12",
        "status": "affected",
        "version": "Apache Dubbo 2.6.x",
        "versionType": "custom"
      },
      {
        "lessThan": "2.7.15",
        "status": "affected",
        "version": "Apache Dubbo 2.7.x",
        "versionType": "custom"
      },
      {
        "lessThan": "3.0.5",
        "status": "affected",
        "version": "Apache Dubbo 3.0.x",
        "versionType": "custom"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

10 Jan 2022 15:25Current
10High risk
Vulners AI Score10
EPSS0.15313
16