CVE-2021-37578: Deserialization of Untrusted Data

July 29, 2021 (updated August 11, 2021)

Apache jUDDI uses several classes related to Java’s Remote Method Invocation (RMI) which (as an extension to UDDI) provides an alternate transport for accessing UDDI services.

References

nvd.nist.gov/vuln/detail/CVE-2021-37578

Code Behaviors & Features

Detect and mitigate CVE-2021-37578 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →