CVE-2024-47552: Apache Seata (incubating): Deserialization of untrusted Data in jraft mode in Apache Seata Server

[Min Ji <jimin () apache org>]

Severity: low

Affected versions:

- Apache Seata (incubating) 2.0.0 before 2.2.0

Description:

Deserialization of Untrusted Data vulnerability in Apache Seata (incubating).

This issue affects Apache Seata (incubating): from 2.0.0 before 2.2.0.

Users are recommended to upgrade to version 2.2.0, which fixes the issue.

Credit:

liuhuajin<liuhuajin1 () huawei com> (finder)
llqxc369 () gmail com (finder)

References:

https://seata.incubator.apache.org
https://www.cve.org/CVERecord?id=CVE-2024-47552