Serialization Security
Using Serialization Protocols More Securely in Dubbo
The Apache Software Foundation takes a very proactive stance in eliminating security issues and denial-of-service attacks against its products.
We strongly encourage people to report such issues to our security mailing list before disclosing them in public forums.
Please note that the security mailing list is only intended for reporting unpublicized security vulnerabilities and managing the process of fixing such vulnerabilities. We cannot accept regular bug reports or other inquiries at this address. All mail sent to this address that is not related to undisclosed security problems in our source code will be ignored.
If you need to report bugs that are not undisclosed security vulnerabilities, please use the bug report page.
Security issue reporting email: security@dubbo.apache.org
For more information on how ASF handles potential security issues, please refer to https://www.apache.org/security/
Using Serialization Protocols More Securely in Dubbo
Using RPC protocols securely in Dubbo
Using the registry center more securely in Dubbo
Using Dubbo Admin more securely
Log4j CVE-2021-44228 Vulnerability Impact