Deserialization of Untrusted Data vulnerability in Apache Dubbo.This issue only affects Apache Dubbo 3.1.5. Users are recommended to upgrade to the latest version, which fixes the issue.
https://lists.apache.org/thread/zw53nxrkrfswmk9n3sfwxmcj7x030nmo