A vulnerability classified as very critical has been found in sofastack sofa-rpc up to 5.11.x. This affects an unknown part of the component SOFA Hessian Protocol Handler. The manipulation leads to deserialization.
This vulnerability is uniquely identified as CVE-2024-23636. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.