5 matches found
CVE-2023-33496
xxl-rpc v1.7.0 was discovered to contain a deserialization vulnerability via the component com.xxl.rpc.core.remoting.net.impl.netty.codec.NettyDecodedecode...
cn.centychen:xxl-job-spring-boot-starter (>=1.0.0-RELEASE <=1.0.1-RELEASE), cn.com.365trade.oss:xxl-job-admin (>=2.2.1.1_zzlh <=2.2.1_zzlh) +31 more potentially affected by CVE-2023-33496 via com.xuxueli:xxl-rpc-core (>=1.2.0 <=1.6.0)
com.xuxueli:xxl-rpc-core MAVEN version =1.2.0, =1.0.0-RELEASE, =2.2.1.1zzlh, =2.2.1.1zzlh, =1.1.1, =2.1.1-RELEASE, =0.0.1, =0.0.1, =2.0.4, =2.0.4, =0.0.1, =2.0.5 and more Source cves: CVE-2023-33496 Source advisory: OSV:GHSA-C29G-Q3H3-MWCF...
CVE-2023-33496
xxl-rpc v1.7.0 was discovered to contain a deserialization vulnerability via the component com.xxl.rpc.core.remoting.net.impl.netty.codec.NettyDecodedecode...
CVE-2023-33496
xxl-rpc v1.7.0 was discovered to contain a deserialization vulnerability via the component com.xxl.rpc.core.remoting.net.impl.netty.codec.NettyDecodedecode...
CVE-2023-33496
CVE-2023-33496 affects XXL-RPC (v1.7.0) and is due to a deserialization vulnerability in the NettyDecode#decode path of the Netty-based remoting codec. The issue allows untrusted data to be deserialized, with sources indicating potential remote code execution. The CVSS 3.1 data reports a critical...