15Ara
CVE-2023-29234 | Apache Dubbo up to 3.1.10/3.2.4 Package deserialization
A vulnerability was found in Apache Dubbo up to 3.1.10/3.2.4. It has been rated as problematic. This issue affects some unknown processing of the component Package Handler. The manipulation leads to deserialization. The identification of this vulnerability is CVE-2023-29234. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.