Maven package
com.xuxueli/xxl-rpc-core
pkg:maven/com.xuxueli/xxl-rpc-core
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-45146 | — | <= 1.7.0 | — | Oct 18, 2023 | XXL-RPC is a high performance, distributed RPC framework. With it, a TCP server can be set up using the Netty framework and the Hessian serialization mechanism. When such a configuration is used, attackers may be able to connect to the server and provide malicious serialized obje | ||
| CVE-2023-33496 | — | <= 1.7.0 | — | Jun 7, 2023 | xxl-rpc v1.7.0 was discovered to contain a deserialization vulnerability via the component com.xxl.rpc.core.remoting.net.impl.netty.codec.NettyDecode#decode. |
- CVE-2023-45146Oct 18, 2023affected <= 1.7.0
XXL-RPC is a high performance, distributed RPC framework. With it, a TCP server can be set up using the Netty framework and the Hessian serialization mechanism. When such a configuration is used, attackers may be able to connect to the server and provide malicious serialized obje
- CVE-2023-33496Jun 7, 2023affected <= 1.7.0
xxl-rpc v1.7.0 was discovered to contain a deserialization vulnerability via the component com.xxl.rpc.core.remoting.net.impl.netty.codec.NettyDecode#decode.