Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:apache:camel:2.25.0:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2020-11994 |
Server-Side Template Injection and arbitrary file disclosure on Camel templating components Published: July 08, 2020; 12:15:11 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2020-11973 |
Apache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0. Published: May 14, 2020; 1:15:12 PM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2020-11972 |
Apache Camel RabbitMQ enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0. Published: May 14, 2020; 1:15:12 PM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2020-11971 |
Apache Camel's JMX is vulnerable to Rebind Flaw. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.x, 3.0.0 up to 3.1.0 is affected. Users should upgrade to 3.2.0. Published: May 14, 2020; 1:15:12 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |