apache/dubbo-go-hessian2

There is a vulnerability in dubbo 2.7.1 ,upgrade recommended

QiAnXinCodeSafe opened this issue · 0 comments

QiAnXinCodeSafe commented

dubbo-go-hessian2/test_dubbo/pom.xml

Lines 32 to 34 in 6f053c6

<groupId>org.apache.dubbo</groupId>
<artifactId>dubbo</artifactId>
<version>2.7.1</version>

CVE-2020-1948 CVE-2020-11995 CVE-2019-17564

Recommended upgrade version:2.7.8