GHSA-5MC7-M686-P6JG Deserialization of Untrusted Data in Apache Dubbo

Apache Dubbo prior to 2.6.9 and 2.7.10 by default supports generic calls to arbitrary methods exposed by provider interfaces. These invocations are handled by the GenericFilter which will find the service and method specified in the first arguments of the invocation and use the Java Reflection AP...