Lucene search

K
githubGitHub Advisory DatabaseGHSA-2X6R-7427-95CM
HistoryMay 21, 2021 - 7:20 p.m.

Deserialization of Untrusted Data in Apache Camel RabbitMQ

2021-05-2119:20:47
CWE-502
GitHub Advisory Database
github.com
66

0.008 Low

EPSS

Percentile

81.6%

Apache Camel RabbitMQ enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0.

0.008 Low

EPSS

Percentile

81.6%