pkg:Maven/org.apache.dubbo:dubbo

All known vulnerabilities

• CRITICAL9.8CVE-2023-29234Bypass serialize checks in Apache Dubbo
  >= 3.1.0, < 3.1.11
• CRITICAL9.8CVE-2023-46279Apache Dubbo: Bypass deny serialize list check in Apache Dubbo
  >= 3.1.5, < 3.1.6
• CRITICAL9.8CVE-2023-23638Apache Dubbo vulnerable to Deserialization of Untrusted Data
  from 0, < 2.7.22
• CRITICAL9.8CVE-2022-39198Hessian Lite for Apache Dubbo deserialization vulnerability
  >= 2.7.0, < 2.7.18
• CRITICAL9.8CVE-2021-30180Code injection in Apache Dubbo
  >= 2.7.0, < 2.7.10
• CRITICAL9.8CVE-2021-30179Deserialization of Untrusted Data in Apache Dubbo
  >= 2.5.0, < 2.7.10
• CRITICAL9.8CVE-2021-30181Code injection in Apache Dubbo
  >= 2.5.0, < 2.7.10
• CRITICAL9.8CVE-2021-25641Deserializer tampering in Apache Dubbo
  >= 2.5.0, < 2.7.8
• CRITICAL9.8CVE-2020-1948Deserialization of Untrusted Data in Apache Dubbo
  from 0, < 2.7.7
• CRITICAL9.8CVE-2021-43297Deserialization of Untrusted Data in Dubbo
  >= 2.6.0, < 2.6.12
• CRITICAL9.8CVE-2021-37579Security check skip in Apache Dubbo
  from 0, < 2.7.13
• CRITICAL9.8CVE-2021-36161Remote Code Execution in Apache Dubbo
  from 0, < 2.7.13
• CRITICAL9.8CVE-2021-36163Hessian protocol configuration vulnerability in Apache Dubbo
  >= 2.7.0, < 2.7.13
• HIGH8.8CVE-2021-36162Remote Code Execution in Apache Dubbo
  from 0, < 2.7.13
• MEDIUM6.1CVE-2022-24969Server-side request forgery in Apache Dubbo
  >= 2.5.0, < 2.7.15
• MEDIUM6.1CVE-2021-25640Server-Side Request Forgery in Apache Dubbo
  >= 2.5.0, < 2.7.10