6 matches found

vulnersOsv
added 2021/05/21 7:20 p.m., 5 views

io.fabric8.funktion.connector:connector-rabbitmq (>=1.1.9 <=1.1.55), io.github.koustavtub:snsmockjava_2.12 (>=0.4.1 <=0.4.1.0) +4 more potentially affected by CVE-2020-11972 via org.apache.camel:camel-rabbitmq (>=2.15.2 <=2.25.0)

org.apache.camel:camel-rabbitmq MAVEN version =2.15.2, =1.1.9, =0.4.1, =2.18.0, =1.0.0, =2.4.8, =2.5.4 Source cves: CVE-2020-11972 Source advisory: OSV:GHSA-2X6R-7427-95CM...

CVSS 9.8, AI score 7.2, EPSS 0.05514
Exploits: 0
OSV
added 2021/05/21 7:20 p.m., 2 views

GHSA-2X6R-7427-95CM Deserialization of Untrusted Data in Apache Camel RabbitMQ

Apache Camel RabbitMQ enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0...

CVSS 9.8, AI score 7.2, EPSS 0.05514
Exploits: 0, References: 6
RedhatCVE
added 2020/06/18 12:25 p.m., 29 views

CVE-2020-11972

A flaw was found in camel up to versions 2.25.1 and 3.x. Apache Camel RabbitMQ enables java deserialization, by default, without any means of disabling which can lead to arbitrary code being executed. The highest threat from this vulnerability is to data confidentiality and integrity as well as...

CVSS 7.5, AI score 4.9, EPSS 0.05514
Exploits: 0, References: 3
RedhatCVE
added 2020/06/18 12:25 p.m., 39 views

CVE-2020-11973

A flaw was found in camel. Apache Camel RabbitMQ enables java deserialization, by default, without any means of disabling which can lead to arbitrary code being executed. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Mitigation...

CVSS 7.5, AI score 4.3, EPSS 0.06592
Exploits: 0, References: 3
Veracode
added 2020/05/15 5:43 a.m., 34 views

Insecure Defaults

Apache Camel RabbitMQ uses an insecure default. The Java deserialization is enabled by default and allows an attacker to execute arbitrary code via a deserialization vulnerability...

CVSS 9.8, AI score 5.3, EPSS 0.05514
Exploits: 0, References: 6, Affected Software: 1
CNVD
added 2020/05/15 12:0 a.m., 2 views

Apache Camel RabbitMQ Code Issue Vulnerability

Apache Camel is an open source integration framework from the Apache Software Foundation (United States), based on Enterprise Integration Patterns (EIP). The framework provides a Java object (POJO) implementation of Enterprise Integration Patterns ...

CVSS 9.8, AI score 9.8, EPSS 0.05514
Exploits: 0, References: 1