2 matches found
Apache Dubbo 代码问题漏洞
Apache Dubbo is the Apache Foundation's Java-based high-performance open source RPC framework. A deserialization vulnerability exists in Apache Dubbo versions prior to 2.7.8 and 2.6.9. An attacker can use this vulnerability to further exploit by tampering with byte leading flags and specifying a...
PYSEC-2019-5
Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path traversal vulnerability which allows copying and overwriting files outside of the specified destination in the local ansible controller host, by not restricting an absolute path...