Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

CVE-2023-29234: Bypass serialize checks in Apache Dubbo

Related Vulnerabilities: CVE-2023-29234  
Source 
                Severity: moderate

Affected versions:

- Apache Dubbo 3.1.0 through 3.1.10
- Apache Dubbo 3.2.0 through 3.2.4

Description:

A deserialization vulnerability existed when decode a malicious package.This issue affects Apache Dubbo: from 3.1.0 
through 3.1.10, from 3.2.0 through 3.2.4.

Users are recommended to upgrade to the latest version, which fixes the issue.

Credit:

Bofei Chen, Lei Zhang, Guangliang Yang, Keke Lian and Xinyou Huang (finder)

References:

https://dubbo.apache.org/
https://www.cve.org/CVERecord?id=CVE-2023-29234

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started