Lucene search
+L

5 matches found

vulnersosv
vulnersosv
added 2025/08/08 12:32 p.m.5 views

cc.zzzyu.seata:seata-server (=2.4.0), io.xuxiaowei.seata:seata-server (=2.4.0) +7 more potentially affected by CVE-2025-53606 via org.apache.seata:seata-serializer-fury (=2.4.0)

org.apache.seata:seata-serializer-fury MAVEN version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.seata:seata-serializer-fury and may be impacted: - cc.zzzyu.seata:seata-server =2.4.0 - io.xuxiaowei.seata:seata-server =2.4.0 -...

9.8CVSS5.8AI score0.00601EPSS
Exploits0
vulnersosv
vulnersosv
added 2025/03/20 9:30 a.m.7 views

io.xuxiaowei.seata:seata-server (>=2.1.0 <=2.2.0), org.apache.seata:seata-compressor-all (>=2.1.0 <=2.2.0) +5 more potentially affected by CVE-2024-54016 via org.apache.seata:seata-compressor-zstd (>=2.1.0 <=2.2.0)

org.apache.seata:seata-compressor-zstd MAVEN version =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.2.0 Source cves: CVE-2024-54016 Source advisory: SNYK:JAVA-ORGAPACHESEATA-9521513...

4.3CVSS5.8AI score0.00567EPSS
Exploits0
vulnersosv
vulnersosv
added 2025/03/20 9:30 a.m.6 views

com.weicoder:seata (>=3.5.1 <=3.6.2), io.seata:seata-compressor-all (>=1.5.0 <=2.0.0) +7 more potentially affected by CVE-2024-54016 via io.seata:seata-compressor-zstd (>=1.5.0 <=2.0.0)

io.seata:seata-compressor-zstd MAVEN version =1.5.0, =3.5.1, =1.5.0, =1.5.0, =1.8.0, =1.5.0, =1.7.0, =1.8.0, =2.0.0 Source cves: CVE-2024-54016 Source advisory: SNYK:JAVA-IOSEATA-9521514...

4.3CVSS5.8AI score0.00567EPSS
Exploits0
osv
osv
added 2024/09/16 2:37 p.m.16 views

GHSA-3XQ2-W6J4-C99R Apache Seata Deserialization of Untrusted Data vulnerability

Deserialization of Untrusted Data vulnerability in Apache Seata. When developers disable authentication on the Seata-Server and do not use the Seata client SDK dependencies, they may construct uncontrolled serialized malicious requests by directly sending bytecode based on the Seata private...

9.2CVSS9.7AI score0.03286EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2024/09/16 11:42 a.m.32 views

CVE-2024-22399 Apache Seata: Remote Code Execution vulnerability via Hessian Deserialization in Apache Seata Server

Deserialization of Untrusted Data vulnerability in Apache Seata. When developers disable authentication on the Seata-Server and do not use the Seata client SDK dependencies, they may construct uncontrolled serialized malicious requests by directly sending bytecode based on the Seata private...

9.7AI score0.03286EPSS
Exploits0References1
Rows per page
Query Builder