Description: A deserialization vulnerability existed when dubbo generic invoke, which could lead to malicious code execution.
This issue affects Apache Dubbo 2.7.x version 2.7.21 and prior versions; Apache Dubbo 3.0.x version 3.0.13 and prior versions; Apache Dubbo 3.1.x version 3.1.5 and prior versions. Credit: yemoli、R1ckyZ、Koishi、cxc (reporter) References: https://dubbo.apache.org/ https://www.cve.org/CVERecord?id=CVE-2023-23638