Xxl-rpc Project Xxl-rpc — known CVE vulnerabilities
Every CVE whose affected-product data names Xxl-rpc Project Xxl-rpc, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2023-33496 — CVSS 9.8 (critical): xxl-rpc v1.7.0 was discovered to contain a deserialization vulnerability via the component com.xxl.rpc.core.remoting.net.impl.netty.codec.Ne…
CVE-2023-45146 — CVSS 9.0 (critical): XXL-RPC is a high performance, distributed RPC framework. With it, a TCP server can be set up using the Netty framework and the Hessian…