Apache Seata
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Apache Seata.
By the Year
In 2025 there have been 2 vulnerabilities in Apache Seata. Last year, in 2024 Seata had 1 security vulnerability published. That is, 1 more vulnerability have already been reported in 2025 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 2 | 0.00 |
| 2024 | 1 | 9.80 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Seata vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Apache Seata Security Vulnerabilities
Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in Apache Seata (incubating)
CVE-2024-54016
- March 20, 2025
Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): through <=2.2.0. Users are recommended to upgrade to version 2.3.0, which fixes the issue.
Data Amplification
Deserialization of Untrusted Data vulnerability in Apache Seata (incubating)
CVE-2024-47552
- March 20, 2025
Deserialization of Untrusted Data vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): from 2.0.0 before 2.2.0. Users are recommended to upgrade to version 2.2.0, which fixes the issue.
Marshaling, Unmarshaling
Deserialization of Untrusted Data vulnerability in Apache Seata
CVE-2024-22399
9.8 - Critical
- September 16, 2024
Deserialization of Untrusted Data vulnerability in Apache Seata. When developers disable authentication on the Seata-Server and do not use the Seata client SDK dependencies, they may construct uncontrolled serialized malicious requests by directly sending bytecode based on the Seata private protocol. This issue affects Apache Seata: 2.0.0, from 1.0.0 through 1.8.0. Users are recommended to upgrade to version 2.1.0/1.8.1, which fixes the issue.
Marshaling, Unmarshaling
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Apache Seata or by Apache? Click the Watch button to subscribe.
