CVE-2025-53606: Apache Seata: Deserialization of untrusted Data in Apache Seata Server
Deserialization of Untrusted Data vulnerability in Apache Seata (incubating).
This issue affects Apache Seata (incubating): 2.4.0.
Users are recommended to upgrade to version 2.5.0, which fixes the issue.
References
Code Behaviors & Features
Detect and mitigate CVE-2025-53606 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →