CVE-2019-17564 | BestHub

Architect's Tech Stack

Feb 15, 2020 · Information Security

Apache Dubbo Deserialization Vulnerability (CVE-2019-17564): Principle, Affected Versions, and Protection Measures

The article explains the deserialization vulnerability (CVE-2019-17564) in Apache Dubbo when using HTTP, lists the impacted 2.5.x, 2.6.x, and 2.7.x versions, and provides mitigation steps including upgrading to 2.7.5 and applying Huawei Cloud WAF rules.

Apache DubboCVE-2019-17564Java RPC

0 likes · 3 min read

Apache Dubbo Deserialization Vulnerability (CVE-2019-17564): Principle, Affected Versions, and Protection Measures