Lucene search
+L

11 matches found

vulnersosv
vulnersosv
added 2021/05/21 7:20 p.m.4 views

com.scoperetail.fusion:fusion-connect (>=0.57 <=0.79), com.scoperetail.fusion:fusion-connect-core (>=0.21 <=0.58) +11 more potentially affected by CVE-2020-11972 via org.apache.camel:camel-rabbitmq (>=3.0.0 <=3.22.4)

org.apache.camel:camel-rabbitmq MAVEN version =3.0.0, =0.57, =0.21, =0.5, =0.1.0, =1.0.0, =0.10.1, =0.10.1, =2.0.0, =1.0.0-M6, =1.0.0-M6, =3.0.0, =3.22.4 - org.springframework.cloud:spring-cloud-contract-sample-camel =4.1.6 Source cves: CVE-2020-11972 Source advisory: OSV:GHSA-2X6R-7427-95CM...

9.8CVSS7.2AI score0.05514EPSS
Exploits0
vulnersosv
vulnersosv
added 2021/05/21 7:20 p.m.5 views

io.fabric8.funktion.connector:connector-rabbitmq (>=1.1.9 <=1.1.55), io.github.koustavtub:snsmockjava_2.12 (>=0.4.1 <=0.4.1.0) +4 more potentially affected by CVE-2020-11972 via org.apache.camel:camel-rabbitmq (>=2.15.2 <=2.25.0)

org.apache.camel:camel-rabbitmq MAVEN version =2.15.2, =1.1.9, =0.4.1, =2.18.0, =1.0.0, =2.4.8, =2.5.4 Source cves: CVE-2020-11972 Source advisory: OSV:GHSA-2X6R-7427-95CM...

9.8CVSS7.2AI score0.05514EPSS
Exploits0
redhat
redhat
added 2020/12/16 12:11 p.m.179 views

Important: Red Hat Security Advisory: Red Hat Fuse 7.8.0 release and security update

A minor version update from 7.7 to 7.8 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

9.8CVSS8AI score0.95586EPSS
Exploits12References39
ibm
ibm
added 2020/10/01 12:30 p.m.34 views

Security Bulletin:IBM Resilient SOAR is Using Components with Known Vulnerabilities - Apache Camel ( CVE-2019-0188, CVE-2020-11972, CVE-2020-11973)

Summary IBM Resilient SOAR is using Apache Camel that has known vulnerabilities, as described below. Vulnerability Details CVEID: CVE-2019-0188 DESCRIPTION: Apache Camel could allow a remote attacker to obtain sensitive information, caused by improper handling of XML external entity XXE...

9.8CVSS1.5AI score0.08463EPSS
Exploits0Affected Software1
ibm
ibm
added 2020/08/11 2:33 p.m.32 views

Security Bulletin: Vulnerabilities in Apache Camel's JMX, Apache Camel RabbitMQ and Apache Camel Netty affects IBM Operations Analytics Predictive Insights (CVE-2020-11971, CVE-2020-11972, CVE-2020-11973)

Summary Apache Camel's JMX, Apache Camel RabbitMQ and Apache Camel Netty are used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVEs. See Remediation/Fixes section to apply the recommended fixes. Vulnerability Details...

9.8CVSS2AI score0.14331EPSS
Exploits0Affected Software1
ibm
ibm
added 2020/07/16 5:5 a.m.41 views

Security Bulletin: Multiple vulnerabilities have been identified in Apache Camel shipped with IBM Netcool/OMNIbus Probe DSL Factory Framework

Summary Apache Camel is a dependency component shipped with the IBM Netcool/OMNIbus Probe DSL Factory Framework. Information about the security vulnerabilities affecting Apache Camel has been published. CVE-2020-11971, CVE-2020-11973, CVE-2020-11972 Vulnerability Details CVEID: CVE-2020-11971...

9.8CVSS1.4AI score0.14331EPSS
Exploits0Affected Software1
ibm
ibm
added 2020/06/15 6:0 a.m.36 views

Security Bulletin: IBM Jazz for Service Management is vulnerable to Apache Camel Core vulnerabilities

Summary IBM Jazz for Service Management is vulnerable to Apache Camel Core vulnerabilities CVE-2020-11971, CVE-2020-11973, CVE-2020-11972 Vulnerability Details CVEID: CVE-2020-11971 DESCRIPTION: Apache Camel could allow a remote attacker to obtain sensitive information, caused by a rebind flaw in...

9.8CVSS1.7AI score0.14331EPSS
Exploits0Affected Software1
nvd
nvd
added 2020/05/14 5:15 p.m.21 views

CVE-2020-11972

Apache Camel RabbitMQ enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0...

9.8CVSS9.4AI score0.05514EPSS
Exploits0References5
osv
osv
added 2020/05/14 5:15 p.m.31 views

CVE-2020-11972

Apache Camel RabbitMQ enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0...

9.8CVSS6.7AI score0.05514EPSS
Exploits0References5
cvelist
cvelist
added 2020/05/14 4:26 p.m.32 views

CVE-2020-11972

Apache Camel RabbitMQ enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0...

9.5AI score0.05514EPSS
Exploits0References5
cve
cve
added 2020/05/14 4:26 p.m.128 views

CVE-2020-11972

CVE-2020-11972 affects Apache Camel RabbitMQ: Java deserialization is enabled by default in the RabbitMQ component, enabling remote code execution. Affected Camel versions include 2.22.x, 2.23.x, 2.24.x, 2.25.0, and 3.0.0 up to 3.1.0. To mitigate, upgrade 2.x line to 2.25.1 or the 3.x line to 3.2...

9.8CVSS9.2AI score0.05514EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder