Seata Security Vulnerabilities and Issues — Seata CVE List

Lucene search

ApacheSeata

5 matches found

CVE•added 2025/03/20 9:15 a.m.•62 views

CVE-2024-47552

Deserialization of Untrusted Data vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): from 2.0.0 before 2.2.0. Users are recommended to upgrade to version 2.2.0, which fixes the issue.

9.8CVSS6.5AI score0.00071EPSS

CVE•added 2025/03/20 9:15 a.m.•47 views

CVE-2024-54016

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): through

4.3CVSS6.5AI score0.00158EPSS

CVE•added 2024/09/16 12:15 p.m.•36 views

CVE-2024-22399

Deserialization of Untrusted Data vulnerability in Apache Seata. When developers disable authentication on the Seata-Server and do not use the Seata client SDK dependencies, they may construct uncontrolled serialized malicious requests by directly sending bytecode based on the Seata private protoco...

9.8CVSS9.6AI score0.48134EPSS

CVE•added 2025/06/28 7:15 p.m.•17 views

CVE-2025-32897

Deserialization of Untrusted Data vulnerability in Apache Seata (incubating). This security vulnerability is the same as CVE-2024-47552, but the version range described in the CVE-2024-47552 definition is too narrow.This issue affects Apache Seata (incubating): from 2.0.0 before 2.3.0. Users are re...

9.8CVSS9.4AI score0.00204EPSS

CVE•added 6 days ago•8 views

CVE-2025-53606

Deserialization of Untrusted Data vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): 2.4.0. Users are recommended to upgrade to version 2.5.0, which fixes the issue.

9.8CVSS6.4AI score0.00144EPSS