Maven package
org.apache.eventmesh/eventmesh-meta-raft
pkg:maven/org.apache.eventmesh/eventmesh-meta-raft
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-56180 | — | >= 1.10.1, < 1.11.0 | 1.11.0 | Feb 14, 2025 | CWE-502 Deserialization of Untrusted Data at the eventmesh-meta-raft plugin module in Apache EventMesh master branch without release version on windows\linux\mac os e.g. platforms allows attackers to send controlled message and remote code execute via hessian deserialization rpc |
- CVE-2024-56180Feb 14, 2025affected >= 1.10.1, < 1.11.0fixed 1.11.0
CWE-502 Deserialization of Untrusted Data at the eventmesh-meta-raft plugin module in Apache EventMesh master branch without release version on windows\linux\mac os e.g. platforms allows attackers to send controlled message and remote code execute via hessian deserialization rpc