VYPR

Maven package

com.alipay.sofa/rpc-sofa-boot-starter

pkg:maven/com.alipay.sofa/rpc-sofa-boot-starter

Vulnerabilities (1)

  • CVE-2024-23636Jan 23, 2024
    affected < 5.12.0fixed 5.12.0

    SOFARPC is a Java RPC framework. SOFARPC defaults to using the SOFA Hessian protocol to deserialize received data, while the SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous classes for security protection. But, prior to versio