xxl-rpc v1.7.0 exists to contain a deserialization vulnerability via the component com.xxl.rpc.core.remoting.net.impl.netty.codec.NettyDecode#decode.
xxl-rpc project xxl-rpc