2 matches found
Apache Dubbo Hession Deserialization Vulnerability
Apache Dubbo is a microservice development framework that provides two key capabilities for RPC communication and microservice governance.Apache Dubbo Hession is vulnerable to deserialization, which can be exploited by attackers to execute arbitrary code on the target server...
CVE-2022-39198 Apache Dubbo Hession Deserialization Vulnerability Gadgets Bypass
A deserialization vulnerability existed in dubbo hessian-lite 3.2.12 and its earlier versions, which could lead to malicious code execution. This issue affects Apache Dubbo 2.7.x version 2.7.17 and prior versions; Apache Dubbo 3.0.x version 3.0.11 and prior versions; Apache Dubbo 3.1.x version...