CVE-2025-32896
- EPSS 0.06%
- Published 19.06.2025 10:38:37
- Last modified 08.07.2025 13:05:21
# Summary Unauthorized users can perform Arbitrary File Read and Deserialization attack by submit job using restful api-v1. # Details Unauthorized users can access `/hazelcast/rest/maps/submit-job` to submit job. An attacker can set extra params in...
CVE-2023-49198
- EPSS 0.22%
- Published 21.08.2024 10:15:04
- Last modified 21.11.2024 08:33:01
Mysql security vulnerability in Apache SeaTunnel. Attackers can read files on the MySQL server by modifying the information in the MySQL URL allowLoadLocalInfile=true&allowUrlInLocalInfile=true&allowLoadLocalInfileInPath=/&maxAllowedPacket=655360 ...
CVE-2023-48396
- EPSS 0.25%
- Published 30.07.2024 09:15:02
- Last modified 10.07.2025 18:49:05
Web Authentication vulnerability in Apache SeaTunnel. Since the jwt key is hardcoded in the application, an attacker can forge any token to log in any user. Attacker can get secret key in /seatunnel-server/seatunnel-app/src/main/resources/applicatio...