2 matches found
CVE-2025-32896 Apache SeaTunnel: Unauthenticated insecure access
Summary Unauthorized users can perform Arbitrary File Read and Deserialization attack by submit job using restful api-v1. Details Unauthorized users can access /hazelcast/rest/maps/submit-job to submit job. An attacker can set extra params in mysql url to perform Arbitrary File Read and...
Apache SeaTunnel Authentication Bypass Vulnerability
Apache SeaTunnel is the United States Apache Apache Foundation, an easy-to-use data integration framework. An authentication bypass vulnerability exists in Apache SeaTunnel version 1.0.0, which stems from the fact that jwt keys are hard-coded in the application and can be exploited by an attacker...