Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/27 3:23 p.m.4 views

CVE-2026-24656

Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. If the collector exposes allowed classes property, this configuration can be bypassed. It means that the log socket collector is vulnerable to...

3.7CVSS5.8AI score0.00655EPSS
Exploits0References1
OSV
OSV
added 2026/01/26 10:16 a.m.4 views

CVE-2026-24656

Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. If the collector exposes allowed classes property, this configuration can be bypassed. It means that the log socket collector is vulnerable to...

3.7CVSS5.8AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/01/26 9:41 a.m.3 views

CVE-2026-24656

Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. If the collector exposes allowed classes property, this configuration can be bypassed. It means that the log socket collector is vulnerable to...

3.7CVSS5.8AI score0.00655EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/26 9:41 a.m.35 views

CVE-2026-24656 Apache Karaf: Decanter log-socket collector has deserialization vulnerability

Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. If the collector exposes allowed classes property, this configuration can be bypassed. It means that the log socket collector is vulnerable to...

0.00655EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/26 12:0 a.m.9 views

Apache Karaf Decanter security vulnerability

Apache Karaf Decanter is a monitoring and alerting module of the Apache Foundation. Versions of Apache Karaf Decanter prior to 2.12.0 contained a security vulnerability, which stemmed from the log socket collector’s inability to deserialize trusted data, potentially leading to denial-of-service...

3.7CVSS5.8AI score0.00655EPSS
Exploits0References3
Rows per page
Query Builder