>= 3.1.0, < 3.1.11
CRITICAL9.8CVE-2023-46279Apache Dubbo: Bypass deny serialize list check in Apache Dubbo >= 3.1.5, < 3.1.6
CRITICAL9.8CVE-2023-23638Apache Dubbo vulnerable to Deserialization of Untrusted Data from 0, < 2.7.22
CRITICAL9.8Hessian Lite for Apache Dubbo deserialization vulnerability
>= 2.7.0, < 2.7.18
CRITICAL9.8Code injection in Apache Dubbo
>= 2.7.0, < 2.7.10
CRITICAL9.8Deserialization of Untrusted Data in Apache Dubbo
>= 2.5.0, < 2.7.10
CRITICAL9.8Code injection in Apache Dubbo
>= 2.5.0, < 2.7.10
CRITICAL9.8Deserializer tampering in Apache Dubbo
>= 2.5.0, < 2.7.8
CRITICAL9.8Deserialization of Untrusted Data in Apache Dubbo
from 0, < 2.7.7
CRITICAL9.8Deserialization of Untrusted Data in Dubbo
>= 2.6.0, < 2.6.12
CRITICAL9.8Security check skip in Apache Dubbo
from 0, < 2.7.13
CRITICAL9.8Remote Code Execution in Apache Dubbo
from 0, < 2.7.13
CRITICAL9.8Hessian protocol configuration vulnerability in Apache Dubbo
>= 2.7.0, < 2.7.13
HIGH8.8Remote Code Execution in Apache Dubbo
from 0, < 2.7.13
MEDIUM6.1Server-side request forgery in Apache Dubbo
>= 2.5.0, < 2.7.15
MEDIUM6.1Server-Side Request Forgery in Apache Dubbo
>= 2.5.0, < 2.7.10