Vulnerabilities > Apache > Dubbo > 2.7.8

DATE CVE VULNERABILITY TITLE RISK
2021-06-01 CVE-2021-30179 Deserialization of Untrusted Data vulnerability in Apache Dubbo
Apache Dubbo prior to 2.6.9 and 2.7.9 by default supports generic calls to arbitrary methods exposed by provider interfaces.
network
low complexity
apache CWE-502
critical
 9.8
9.8
2021-06-01 CVE-2021-30180 HTTP Request Smuggling vulnerability in Apache Dubbo
Apache Dubbo prior to 2.7.9 support Tag routing which will enable a customer to route the request to the right server.
network
apache CWE-444
6.8
6.8
2021-06-01 CVE-2021-30181 Unspecified vulnerability in Apache Dubbo
Apache Dubbo prior to 2.6.9 and 2.7.9 supports Script routing which will enable a customer to route the request to the right server.
network
low complexity
apache
7.5
7.5