Security check skip in Apache Dubbo

🗓️ 10 Sep 2021 17:23:56Reported by GitHub Advisory DatabaseType

Security check skip in Apache Dubbo, fixed in 2.7.13 and 3.0.

Reporter	Title	Published	Views	Family All 7
NVD	CVE-2021-37579	9 Sep 202108:15	–	nvd
OSV	Security check skip in Apache Dubbo	10 Sep 202117:56	–	osv
OSV	CVE-2021-37579	9 Sep 202108:15	–	osv
CVE	CVE-2021-37579	9 Sep 202108:15	–	cve
CNVD	Apache Dubbo Code Issue Vulnerability	12 Sep 202100:00	–	cnvd
Prion	Deserialization of untrusted data	9 Sep 202108:15	–	prion
Cvelist	CVE-2021-37579 Bypass deserialization checks in Apache Dubbo	9 Sep 202107:45	–	cvelist

Vulners

Node

org.apache.dubbo dubboRange3.0.0–3.0.2

org.apache.dubbo dubboRange<2.7.13

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-37579
lists	www.lists.apache.org/thread.html/r898afa109cdbb4b79724308648ff0718152ebe1d3d6dfc7202d958bc%40%3Cdev.dubbo.apache.org%3E
github	www.github.com/advisories/GHSA-q897-9jxf-jg9r

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

10 Sep 2021 17:56Current

8.9High risk

Vulners AI Score8.9

CVSS27.5

CVSS39.8

EPSS0.01054

CWE-502