CVE-2021-25640

In Apache Dubbo prior to 2.6.9 and 2.7.9, the usage of parseURL method will lead to the bypass of white host check which can cause open redirect or SSRF vulnerability...

Apache Dubbo code issue vulnerability (CNVD-2022-53583)

Apache Dubbo is the United States Apache Apache Foundation of a lightweight Java-based RPC Remote Procedure Call framework. The product provides interface-based remote calling , fault tolerance and load balancing and automatic service registration and discovery. A security vulnerability exists in...

Server side request forgery (ssrf)

bypass CVE-2021-25640 In Apache Dubbo prior to 2.6.12 and 2.7.15, the usage of parseURL method will lead to the bypass of the white host check which can cause open redirect or SSRF vulnerability...

CVE-2022-24969 bypass of CVE-2021-25640

bypass CVE-2021-25640 In Apache Dubbo prior to 2.6.12 and 2.7.15, the usage of parseURL method will lead to the bypass of the white host check which can cause open redirect or SSRF vulnerability...

CVE-2022-24969

Apache Dubbo prior to versions 2.6.12 and 2.7.15 has a vulnerability where the parseURL method bypasses the white host check. The issue can enable open redirection or server-side request forgery (SSRF) as described in CVE-2022-24969 and related advisories. Affected component: parseURL handling in...

Server-Side Request Forgery (SSRF)

In Apache Dubbo prior to 2.6.9 and 2.7.9, the usage of parseURL method will lead to the bypass of white host check which can cause open redirect or SSRF vulnerability...

Server side request forgery (ssrf)

In Apache Dubbo prior to 2.6.9 and 2.7.9, the usage of parseURL method will lead to the bypass of white host check which can cause open redirect or SSRF vulnerability...