VYPR
Critical severityNVD Advisory· Published Dec 15, 2023· Updated Feb 13, 2025

Apache Dubbo: Bypass deny serialize list check in Apache Dubbo

CVE-2023-46279

Description

Deserialization of Untrusted Data vulnerability in Apache Dubbo.This issue only affects Apache Dubbo 3.1.5.

Users are recommended to upgrade to the latest version, which fixes the issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.apache.dubbo:dubboMaven
>= 3.1.5, < 3.1.63.1.6

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.