EUVD-2024-0700

Malicious code in bioql PyPI...

Security Bulletin: IBM Tivoli Netcool Impact is vulnerable to information disclosure due to Apache Camel (CVE-2024-22371)

Summary Apache Camel is shipped with IBM Tivoli Netcool Impact as part of the data provider interface in the GUI server. Information about a security vulnerability affecting Apache ActiveMQ has been published in a security bulletin. Vulnerability Details CVEID:CVE-2024-22371 DESCRIPTION: Apache...

Security Bulletin: IBM Jazz for Service Management is vulnerable due to Apache camel-core-3.2.0.jar ( CVE-2024-22371)

Summary IBM Jazz for Service Management is vulnerable due to Apache camel-core-3.2.0.jar. Exposure of sensitive data by crafting a malicious EventFactory and providing a custom ExchangeCreatedEvent that exposes sensitive data. Vulnerability Details CVEID:CVE-2024-22371 DESCRIPTION: Apache Camel...

Unspecified Vulnerability in Apache Camel (CNVD-2024-26185)

Apache Camel is the United States Apache Apache Foundation of a set of open source based on Enterprise Integration Pattern Enterprise Integration Pattern , referred to as EIP integration framework. The framework provides Enterprise Integration Pattern Java objects POJO implementation , and throug...

Information Disclosure

Apache Camel is vulnerable to Information Disclosure. The vulnerability is due to improper validation for EventFactory implementations and the handling of ExchangeCreatedEvent instances. This flaw allows attackers to craft malicious EventFactory instances and provide custom ExchangeCreatedEvent...

GHSA-QPXM-689R-3849 Apache Camel data exposure vulnerability

Exposure of sensitive data by by crafting a malicious EventFactory and providing a custom ExchangeCreatedEvent that exposes sensitive data. Vulnerability in Apache Camel. This issue affects Apache Camel: from 3.0.0 through 3.21.3, from 3.22.X through 3.22.0, from 4.0.X through 4.0.3, from 4.X...

CVE-2024-22371

Exposure of sensitive data by by crafting a malicious EventFactory and providing a custom ExchangeCreatedEvent that exposes sensitive data. Vulnerability in Apache Camel.This issue affects Apache Camel: from 3.21.X through 3.21.3, from 3.22.X through 3.22.0, from 4.0.X through 4.0.3, from 4.X...

CVE-2024-22371

A flaw was found in Apache Camel. This issue may allow an attacker to expose sensitive data by crafting a malicious EventFactory and providing a custom ExchangeCreatedEvent. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat...

CVE-2024-22371

Summary (CVE-2024-22371) Apache Camel contains a vulnerability where crafting a malicious EventFactory and supplying a custom ExchangeCreatedEvent could expose sensitive data. This affects Camel releases across multiple branches: 3.21.x (up to 3.21.3), 3.22.x (up to 3.22.0), 4.0.x (up to 4.0.3), ...

Apache Camel 安全漏洞

Apache Camel is the United States Apache Apache Foundation of a set of open source based on Enterprise Integration Pattern Enterprise Integration Pattern , referred to as EIP integration framework. The framework provides Enterprise Integration Pattern Java objects POJO implementation , and throug...

PT-2024-19370 · Apache · Apache Camel

Name of the Vulnerable Software and Affected Versions: Apache Camel versions 3.0.0 through 3.21.3 Apache Camel versions 3.22.X through 3.22.0 Apache Camel versions 4.0.X through 4.0.3 Apache Camel versions 4.X through 4.3.0 Description: The issue is related to the exposure of sensitive data by...