Security Advisory

CVE-2021-25640

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-05-31 07:25:12

Last updated 2024-08-03 20:11:27

Assigner apache

State PUBLISHED

Description

In Apache Dubbo prior to 2.6.9 and 2.7.9, the usage of parseURL method will lead to the bypass of white host check which can cause open redirect or SSRF vulnerability.

← Browse all CVEs View on cve.org ↗