Lucene search
+L

8 matches found

GithubExploit
GithubExploit
added 2025/07/11 7:47 a.m.268 views

Exploit for Deserialization of Untrusted Data in Apache Dubbo

CVE-2023-23638 For educational purposes only. Provided by Zo...

9.8CVSS7.3AI score0.04847EPSS
Exploits3
hivepro
hivepro
added 2023/03/23 8:2 a.m.81 views

A Deserialization Vulnerability Found in Apache Dubbo

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Apache has released a security notice for a deserialization vulnerability CVE-2023-23638 in Apache Dubbo that allows remote attackers to execute arbitrary code on the target system. To receive...

9.6AI score0.04847EPSS
Exploits3
GithubExploit
GithubExploit
added 2023/03/22 11:23 a.m.178 views

Exploit for Deserialization of Untrusted Data in Apache Dubbo

CVE-2023-23638 For educational purposes only. Provided by Zo...

9.8CVSS7.3AI score0.04847EPSS
Exploits3
GithubExploit
GithubExploit
added 2023/03/22 11:23 a.m.887 views

Exploit for Deserialization of Untrusted Data in Apache Dubbo

CVE-2023-23638 For educational purposes only. Provided by Zo...

9.8CVSS7.3AI score0.04847EPSS
Exploits3
NVD
NVD
added 2023/03/08 11:15 a.m.22 views

CVE-2023-23638

A deserialization vulnerability existed when dubbo generic invoke, which could lead to malicious code execution. This issue affects Apache Dubbo 2.7.x version 2.7.21 and prior versions; Apache Dubbo 3.0.x version 3.0.13 and prior versions; Apache Dubbo 3.1.x version 3.1.5 and prior versions...

9.8CVSS7.5AI score0.04847EPSS
Exploits3References1
Cvelist
Cvelist
added 2023/03/08 10:48 a.m.29 views

CVE-2023-23638 Apache Dubbo Deserialization Vulnerability Gadgets Bypass

A deserialization vulnerability existed when dubbo generic invoke, which could lead to malicious code execution. This issue affects Apache Dubbo 2.7.x version 2.7.21 and prior versions; Apache Dubbo 3.0.x version 3.0.13 and prior versions; Apache Dubbo 3.1.x version 3.1.5 and prior versions...

5CVSS9.9AI score0.04847EPSS
Exploits3References1
CVE
CVE
added 2023/03/08 10:48 a.m.193 views

CVE-2023-23638

Apache Dubbo CVE-2023-23638 describes a deserialization flaw during generic-invoke that enables remote code execution. Affected: Dubbo 2.7.x (≤2.7.21), 3.0.x (≤3.0.13), 3.1.x (≤3.1.5). Root cause: insecure deserialization in the generic invoke path. Impact: potential RCE with high impact to confi...

9.8CVSS7.3AI score0.04847EPSS
Exploits3References1Affected Software1
OSV
OSV
added 2023/03/08 10:48 a.m.38 views

CVE-2023-23638 Apache Dubbo Deserialization Vulnerability Gadgets Bypass

A deserialization vulnerability existed when dubbo generic invoke, which could lead to malicious code execution. This issue affects Apache Dubbo 2.7.x version 2.7.21 and prior versions; Apache Dubbo 3.0.x version 3.0.13 and prior versions; Apache Dubbo 3.1.x version 3.1.5 and prior versions...

5CVSS7.3AI score0.04847EPSS
Exploits3References3
Rows per page
Query Builder