CVE-2024-45791

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat: before 1.6.1. Users are recommended to upgrade to version 1.6.1, which fixes the issue...

CVE-2024-41151

Deserialization of Untrusted Data vulnerability in Apache HertzBeat. This vulnerability can only be exploited by authorized attackers. This issue affects Apache HertzBeat: before 1.6.1. Users are recommended to upgrade to version 1.6.1, which fixes the issue...

Apache HertzBeat Deserialization Vulnerability

Apache HertzBeat is a tool from the American company Apache Apache that can monitor various components. A deserialization vulnerability exists in Apache HertzBeat versions prior to 1.6.0, which stems from the insecure deserialization of serialized data received from users by the SnakeYAML library...

CVE-2024-42323

SnakeYaml Deser Load Malicious xml rce vulnerability in Apache HertzBeat incubating. This vulnerability can only be exploited by authorized attackers. This issue affects Apache HertzBeat incubating: before 1.6.0. Users are recommended to upgrade to version 1.6.0, which fixes the issue...