CVE-2024-22371
- EPSS 0.7%
- Veröffentlicht 26.02.2024 16:27:56
- Zuletzt bearbeitet 25.04.2025 18:56:25
Exposure of sensitive data by by crafting a malicious EventFactory and providing a custom ExchangeCreatedEvent that exposes sensitive data. Vulnerability in Apache Camel.This issue affects Apache Camel: from 3.21.X through 3.21.3, from 3.22.X through...
CVE-2024-23114
- EPSS 1.15%
- Veröffentlicht 20.02.2024 15:15:10
- Zuletzt bearbeitet 02.04.2025 20:19:16
Deserialization of Untrusted Data vulnerability in Apache Camel CassandraQL Component AggregationRepository which is vulnerable to unsafe deserialization. Under specific conditions it is possible to deserialize malicious payload.This issue affects Ap...
CVE-2024-22369
- EPSS 0.75%
- Veröffentlicht 20.02.2024 15:15:10
- Zuletzt bearbeitet 02.04.2025 20:17:04
Deserialization of Untrusted Data vulnerability in Apache Camel SQL ComponentThis issue affects Apache Camel: from 3.0.0 before 3.21.4, from 3.22.0 before 3.22.1, from 4.0.0 before 4.0.4, from 4.1.0 before 4.4.0. Users are recommended to upgrade to ...
CVE-2023-34442
- EPSS 0.43%
- Veröffentlicht 10.07.2023 16:15:52
- Zuletzt bearbeitet 21.11.2024 08:07:15
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Camel.This issue affects Apache Camel: from 3.X through <=3.14.8, from 3.18.X through <=3.18.7, from 3.20.X through <= 3.20.5, from 4.X thro...
CVE-2020-11994
- EPSS 4.49%
- Veröffentlicht 08.07.2020 16:15:11
- Zuletzt bearbeitet 21.11.2024 04:59:04
Server-Side Template Injection and arbitrary file disclosure on Camel templating components
CVE-2020-11972
- EPSS 5.51%
- Veröffentlicht 14.05.2020 17:15:12
- Zuletzt bearbeitet 21.11.2024 04:59:01
Apache Camel RabbitMQ enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0.
CVE-2020-11971
- EPSS 14.33%
- Veröffentlicht 14.05.2020 17:15:12
- Zuletzt bearbeitet 21.11.2024 04:59:00
Apache Camel's JMX is vulnerable to Rebind Flaw. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.x, 3.0.0 up to 3.1.0 is affected. Users should upgrade to 3.2.0.
CVE-2020-11973
- EPSS 6.59%
- Veröffentlicht 14.05.2020 17:15:12
- Zuletzt bearbeitet 21.11.2024 04:59:01
Apache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0.
CVE-2020-5529
- EPSS 4.72%
- Veröffentlicht 11.02.2020 12:15:21
- Zuletzt bearbeitet 21.11.2024 05:34:13
HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. HtmlUnit initializes Rhino engine improperly, hence a malicious JavScript code can execute arbitrary Java code on the application. Moreover, when embedded in Android application, Andro...
CVE-2019-0188
- EPSS 8.46%
- Veröffentlicht 28.05.2019 19:29:02
- Zuletzt bearbeitet 21.11.2024 04:16:26
Apache Camel prior to 2.24.0 contains an XML external entity injection (XXE) vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed.