10 matches found
EUVD-2025-19540
Malicious code in bioql PyPI...
EUVD-2025-6743
Malicious code in bioql PyPI...
CVE-2025-53606
CVE-2025-53606 describes a Deserialization of Untrusted Data vulnerability in Apache Seata (incubating) affecting version 2.4.0. The issue has high-severity impact (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), is exploitable over the network, and requires no user interaction. The recom...
Apache Seata Deserialization Vulnerability
Apache Seata is an open source project of the Apache Foundation (United States) that provides high-performance, easy-to-use distributed transaction services for microservices architectures. A deserialization vulnerability exists in Apache Seata versions prior to 2.0.0 ...
CVE-2025-32897
CVE-2025-32897 describes a deserialization of untrusted data vulnerability in Apache Seata (incubating) affecting versions 2.0.0 up to but not including 2.3.0. The underlying issue is unsafe deserialization of serialized user data, enabling potential code execution. The CVSS v3.1 base score is 9....
GHSA-65VG-64G8-MWJR Apache Seata Vulnerable to Data Amplification
Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): through 2.2.0. Users are recommended to upgrade to version 2.3.0, which fixes the issue...
CVE-2024-54016
Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): through 2.2.0. Users are recommended to upgrade to version 2.3.0, which fixes the issue...
CVE-2024-54016 compression bomb attack in Apache Seata Server
Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): through 2.2.0. Users are recommended to upgrade to version 2.3.0, which fixes the issue...
CVE-2024-54016 compression bomb attack in Apache Seata Server
Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): through 2.2.0. Users are recommended to upgrade to version 2.3.0, which fixes the issue...
CVE-2024-47552 Apache Seata (incubating): Deserialization of untrusted Data in jraft mode in Apache Seata Server
Deserialization of Untrusted Data vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): from 2.0.0 before 2.2.0. Severity Justification: The Apache Seata security team assesses the severity of this vulnerability as "Low" due to stringent real-world mitigating...