Skip to main content

Xxl Rpc

2 CVEs product

Monthly

CVE-2023-45146 Maven CRITICAL Act Now

XXL-RPC is a high performance, distributed RPC framework. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Deserialization Xxl Rpc
NVD GitHub
CVSS 3.1
10.0
EPSS
1.0%
CVE-2023-33496 Maven CRITICAL POC Act Now

xxl-rpc v1.7.0 was discovered to contain a deserialization vulnerability via the component com.xxl.rpc.core.remoting.net.impl.netty.codec.NettyDecode#decode. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization Xxl Rpc
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
EPSS 1% CVSS 10.0
CRITICAL Act Now

XXL-RPC is a high performance, distributed RPC framework. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Deserialization Xxl Rpc
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

xxl-rpc v1.7.0 was discovered to contain a deserialization vulnerability via the component com.xxl.rpc.core.remoting.net.impl.netty.codec.NettyDecode#decode. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization Xxl Rpc
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy