4 matches found
cc.zzzyu.seata:seata-server (=2.4.0), io.xuxiaowei.seata:seata-server (=2.4.0) +7 more potentially affected by CVE-2025-53606 via org.apache.seata:seata-serializer-fury (=2.4.0)
org.apache.seata:seata-serializer-fury MAVEN version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.seata:seata-serializer-fury and may be impacted: - cc.zzzyu.seata:seata-server =2.4.0 - io.xuxiaowei.seata:seata-server =2.4.0 -...
CVE-2025-53606 Apache Seata (incubating): Deserialization of untrusted Data in Apache Seata Server
Deserialization of Untrusted Data vulnerability in Apache Seata incubating. This issue affects Apache Seata incubating: 2.4.0. Users are recommended to upgrade to version 2.5.0, which fixes the issue...
CVE-2025-53606
CVE-2025-53606 describes a Deserialization of Untrusted Data vulnerability in Apache Seata (incubating) affecting version 2.4.0 . The issue allows high-severity impact (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) with network-prioritized exploitation and no user interaction required. The recom...
CVE-2025-53606
creationtimestamp| type| source ---|---|--- 2025-08-07 15:35:12+00:00| seen| https://seclists.org/oss-sec/2025/q3/78 2025-08-07 18:59:37+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lvtgbk2tm427 2025-08-08 10:31:44+00:00| seen|...