Camel Security Vulnerabilities and Issues — Camel CVE List

Lucene search

ApacheCamel

5 matches found

CVE•added 2020/05/14 5:15 p.m.•129 views

CVE-2020-11971

Apache Camel's JMX is vulnerable to Rebind Flaw. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.x, 3.0.0 up to 3.1.0 is affected. Users should upgrade to 3.2.0.

7.5CVSS8.1AI score0.02054EPSS

CVE•added 2020/07/08 4:15 p.m.•125 views

CVE-2020-11994

Server-Side Template Injection and arbitrary file disclosure on Camel templating components

7.5CVSS7.6AI score0.01547EPSS

CVE•added 2020/02/11 12:15 p.m.•107 views

CVE-2020-5529

HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. HtmlUnit initializes Rhino engine improperly, hence a malicious JavScript code can execute arbitrary Java code on the application. Moreover, when embedded in Android application, Android-specific initialization of Rhino engine is don...

8.1CVSS8.1AI score0.0164EPSS

CVE•added 2020/05/14 5:15 p.m.•103 views

CVE-2020-11972

Apache Camel RabbitMQ enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0.

9.8CVSS9.2AI score0.08393EPSS

CVE•added 2020/05/14 5:15 p.m.•99 views

CVE-2020-11973

Apache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0.

9.8CVSS9.2AI score0.09483EPSS