Maven package
com.alipay.sofa/rpc-sofa-boot-starter
pkg:maven/com.alipay.sofa/rpc-sofa-boot-starter
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-23636 | — | < 5.12.0 | 5.12.0 | Jan 23, 2024 | SOFARPC is a Java RPC framework. SOFARPC defaults to using the SOFA Hessian protocol to deserialize received data, while the SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous classes for security protection. But, prior to versio |
- CVE-2024-23636Jan 23, 2024affected < 5.12.0fixed 5.12.0
SOFARPC is a Java RPC framework. SOFARPC defaults to using the SOFA Hessian protocol to deserialize received data, while the SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous classes for security protection. But, prior to versio