Security Advisory

CVE-2021-30180

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-05-31 07:25:14

Last updated 2024-08-03 22:24:59

Assigner apache

State PUBLISHED

Description

Apache Dubbo prior to 2.7.9 support Tag routing which will enable a customer to route the request to the right server. These rules are used by the customers when making a request in order to find the right endpoint. When parsing these YAML rules, Dubbo customers may enable calling arbitrary constructors.

← Browse all CVEs View on cve.org ↗