Filters

Versions

2.7.0
14
2.5.0
5
3.0.0
5
3.1.0
3
2.5.10
2
2.6.0
2
2.7.12
2
3.0.1
2
3.1.5
2
2.6.7
1
2.7.17
1
2.7.21
1
2.7.4
1
3.0.11
1
3.0.13
1
3.1.10
1
3.2.0
1
3.2.4
1

Apache DubboApache Dubbo: Bypass deny serialize list check in Apache Dubbo

critical
9.8
First published (updated )
CVE-2023-46279

maven/org.apache.dubbo:dubboBypass serialize checks in Apache Dubbo

critical
9.8
First published (updated )
CVE-2023-29234

Apache DubboApache Dubbo Deserialization Vulnerability Gadgets Bypass

critical
9.8
First published (updated )
CVE-2023-23638

Apache DubboRegular expression Denial of Service in MooTools

critical
9.8
First published (updated )
CVE-2021-32824

Apache DubboApache Dubbo Hession Deserialization Vulnerability Gadgets Bypass

critical
9.8
First published (updated )
CVE-2022-39198

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Apache Dubbobypass of CVE-2021-25640

medium
6.1
First published (updated )
CVE-2022-24969

Apache DubboBypass deserialization checks in Apache Dubbo

critical
9.8
First published (updated )
CVE-2021-37579

Apache DubboUnprotected input value toString cause RCE

critical
9.8
First published (updated )
CVE-2021-36161

Apache DubboUnsafe deserialization in providers using the Hessian protocol

critical
9.8
First published (updated )
CVE-2021-36163

Apache DubboUnprotected yaml deserialization cause RCE

high
8.8
First published (updated )
CVE-2021-36162

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Apache DubboApache Dubbo RCE on customers via Condition route poisoning (Unsafe YAML unmarshaling)

critical
9.8
First published (updated )
CVE-2021-30180

Apache DubboApache Dubbo Pre-auth RCE via Java deserialization in the Generic filter

critical
9.8
First published (updated )
CVE-2021-30179

Apache DubboOpen Redirect or SSRF vulnerability usage of parseURL

medium
6.1
First published (updated )
CVE-2021-25640

Apache DubboDubbo Zookeeper does not check serialization id

critical
9.8
First published (updated )
CVE-2021-25641

Apache DubboApache Dubbo RCE on customers via Script route poisoning (Nashorn script injection)

critical
9.8
First published (updated )
CVE-2021-30181

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Apache DubboUnsafe deserialization occurs within a Dubbo application which has HTTP remoting enabled. An attacke…

critical
9.8
First published (updated )
CVE-2019-17564

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203