CVE-2023-46279

Deserialization of Untrusted Data vulnerability in Apache Dubbo.This issue only affects Apache Dubbo 3.1.5. Users are recommended to upgrade to the latest version, which fixes the issue.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:dubbo:3.1.5:*:*:*:*:*:*:*

History

19 Dec 2023, 17:40

Type Values Removed Values Added
References () https://lists.apache.org/thread/zw53nxrkrfswmk9n3sfwxmcj7x030nmo - () https://lists.apache.org/thread/zw53nxrkrfswmk9n3sfwxmcj7x030nmo - Mailing List, Vendor Advisory
References () http://www.openwall.com/lists/oss-security/2023/12/15/3 - () http://www.openwall.com/lists/oss-security/2023/12/15/3 - Mailing List, Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
CPE cpe:2.3:a:apache:dubbo:3.1.5:*:*:*:*:*:*:*
First Time Apache dubbo
Apache

15 Dec 2023, 13:42

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-15 09:15

Updated : 2024-02-28 20:54


NVD link : CVE-2023-46279

Mitre link : CVE-2023-46279

CVE.ORG link : CVE-2023-46279


JSON object : View

Products Affected

apache

  • dubbo
CWE
CWE-502

Deserialization of Untrusted Data