Apache Eventmesh
2 CVEs affecting Apache Eventmesh. Latest disclosed: 2025-08-20. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-56180 | Critical | 9.8 | 2025-02-14 | CWE-502 Deserialization of Untrusted Data at the eventmesh-meta-raft plugin module in Apache EventMesh master branch without release version on windows\linux\m… |
CVE-2024-39954 | Medium | 6.3 | 2025-08-20 | CWE-918 Server-Side Request Forgery (SSRF) in eventmesh-runtime module in WebhookUtil.java on windows\linux\mac os e.g. allows the attacker can abuse functiona… |