5 matches found
CVE-2026-24656
Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. If the collector exposes allowed classes property, this configuration can be bypassed. It means that the log socket collector is vulnerable to...
CVE-2026-24656
Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. If the collector exposes allowed classes property, this configuration can be bypassed. It means that the log socket collector is vulnerable to...
CVE-2026-24656
Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. If the collector exposes allowed classes property, this configuration can be bypassed. It means that the log socket collector is vulnerable to...
CVE-2026-24656 Apache Karaf: Decanter log-socket collector has deserialization vulnerability
Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. If the collector exposes allowed classes property, this configuration can be bypassed. It means that the log socket collector is vulnerable to...
Apache Karaf Decanter security vulnerability
Apache Karaf Decanter is a monitoring and alerting module of the Apache Foundation. Versions of Apache Karaf Decanter prior to 2.12.0 contained a security vulnerability, which stemmed from the log socket collector’s inability to deserialize trusted data, potentially leading to denial-of-service...