John Jason Fallows

NVD

New vulnerability on the NVD: CVE-2019-17564

Unsafe deserialization occurs within a Dubbo application which has HTTP remoting enabled. An attacker may submit a POST request with a Java object in it to completely compromise a Provider instance of Apache Dubbo, if this instance enables HTTP. This issue affected Apache Dubbo 2.7.0 to 2.7.4, 2.6.0 to 2.6.7, and all 2.5.x versions.

Published at: April 01, 2020 at 06:15PM
View on website

<img alt='' src='http://2.gravatar.com/avatar/e0a0f2ada86620fd4ae396b9dfbf50ef?s=150&d=mm&r=g' srcset='http://2.gravatar.com/avatar/e0a0f2ada86620fd4ae396b9dfbf50ef?s=300&d=mm&r=g 2x' class='avatar avatar-150 photo' height='150' width='150' />

John Jason Fallows

See author's posts

Related

Tags: government hack NVD security

NVD

1 min read

New vulnerability on the NVD: CVE-2020-19107

3 years ago John Jason Fallows

NVD

1 min read

New vulnerability on the NVD: CVE-2020-19108

3 years ago John Jason Fallows

NVD

1 min read

New vulnerability on the NVD: CVE-2020-19109

3 years ago John Jason Fallows

tv

1 min read

85 inch tv

10 months ago John Jason Fallows

tv

1 min read

85 inch tv

10 months ago John Jason Fallows

tv

1 min read

85 inch tv

10 months ago John Jason Fallows

GOOG

1 min read

Alphabet Inc – Class C (GOOG) price at close, 2023-07-21, is 120.31.

10 months ago John Jason Fallows

%d bloggers like this: