A deserialization vulnerability existed when decode a malicious package.This issue affects Apache Dubbo: from 3.1.0 through 3.1.10, from 3.2.0 through 3.2.4. Users are recommended to upgrade to the latest version, which fixes the issue.
History

Thu, 13 Feb 2025 17:00:00 +0000

Type Values Removed Values Added
Description A deserialization vulnerability existed when decode a malicious package.This issue affects Apache Dubbo: from 3.1.0 through 3.1.10, from 3.2.0 through 3.2.4. Users are recommended to upgrade to the latest version, which fixes the issue. A deserialization vulnerability existed when decode a malicious package.This issue affects Apache Dubbo: from 3.1.0 through 3.1.10, from 3.2.0 through 3.2.4. Users are recommended to upgrade to the latest version, which fixes the issue.

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published:

Updated: 2025-02-13T16:49:03.349Z

Reserved: 2023-04-04T09:31:05.236Z

Link: CVE-2023-29234

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-12-15T09:15:07.380

Modified: 2025-02-13T17:16:18.023

Link: CVE-2023-29234

cve-icon Redhat

No data.