10 matches found
Vulnerabilities fixed in Oracle Enterprise Manager
Oracle has fixed multiple vulnerabilities in Oracle Enterprise Manager. The vulnerabilities allow an unauthenticated remote malicious party potentially able to launch attacks leading to the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Access to...
Important: Red Hat Security Advisory: Red Hat Fuse 7.8.0 release and security update
A minor version update from 7.7 to 7.8 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...
Security Bulletin:IBM Resilient SOAR is Using Components with Known Vulnerabilities - Apache Camel ( CVE-2019-0188, CVE-2020-11972, CVE-2020-11973)
Summary IBM Resilient SOAR is using Apache Camel that has known vulnerabilities, as described below. Vulnerability Details CVEID: CVE-2019-0188 DESCRIPTION: Apache Camel could allow a remote attacker to obtain sensitive information, caused by improper handling of XML external entity XXE...
Security Bulletin: Vulnerabilities in Apache Camel's JMX, Apache Camel RabbitMQ and Apache Camel Netty affects IBM Operations Analytics Predictive Insights (CVE-2020-11971, CVE-2020-11972, CVE-2020-11973)
Summary Apache Camel's JMX, Apache Camel RabbitMQ and Apache Camel Netty are used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVEs. See Remediation/Fixes section to apply the recommended fixes. Vulnerability Details...
Security Bulletin: Multiple vulnerabilities have been identified in Apache Camel shipped with IBM Netcool/OMNIbus Probe DSL Factory Framework
Summary Apache Camel is a dependency component shipped with the IBM Netcool/OMNIbus Probe DSL Factory Framework. Information about the security vulnerabilities affecting Apache Camel has been published. CVE-2020-11971, CVE-2020-11973, CVE-2020-11972 Vulnerability Details CVEID: CVE-2020-11971...
CVE-2020-11973
A flaw was found in camel. Apache Camel RabbitMQ enables java deserialization, by default, without any means of disabling which can lead to arbitrary code being executed. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Mitigation...
Security Bulletin: IBM Jazz for Service Management is vulnerable to Apache Camel Core vulnerabilities
Summary IBM Jazz for Service Management is vulnerable to Apache Camel Core vulnerabilities CVE-2020-11971, CVE-2020-11973, CVE-2020-11972 Vulnerability Details CVEID: CVE-2020-11971 DESCRIPTION: Apache Camel could allow a remote attacker to obtain sensitive information, caused by a rebind flaw in...
CVE-2020-11973
Apache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0...
CVE-2020-11973
Apache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0...
CVE-2020-11973
CVE-2020-11973 affects Apache Camel with Netty, enabling Java deserialization due to unsafe/deserialized handling. Affected Camel versions: 2.22.x, 2.23.x, 2.24.x, 2.25.0, up to 3.1.0. Remediation is upgrade to Camel 2.25.1 (2.x line) or 3.2.0 (3.x line); no exploit details are provided in the do...