Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

[SECURITY] New security advisory CVE-2020-11972 released for Apache Camel

Related Vulnerabilities: CVE-2020-11972  
Source 
                A new security advisory has been released for Apache Camel, that is fixed in
the recent 2.25.1 and 3.2.0 releases.

CVE-2020-11972: Apache Camel RabbitMQ enables Java deserialization by default

Severity: MEDIUM

Vendor: The Apache Software Foundation

Versions Affected: Camel 2.25.0, Camel 3.0.0 to 3.1.0. The unsupported Camel 2.x (2.24 and earlier) versions may be 
also affected.

Description: Apache Camel RabbitMQ enables Java deserialization by default

Mitigation: 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0 The JIRA tickets: 
https://issues.apache.org/jira/browse/CAMEL-14711 refers to the various commits that resovoled the issue, and have more 
details.

On behalf of the Apache Camel PMC

--
Andrea Cosentino 
----------------------------------
Apache Camel PMC Chair
Apache Karaf Committer
Apache Servicemix PMC Member
Email: ancosen1985 () yahoo com
Twitter: @oscerd2
Github: oscerd

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook
Vulmon Logo
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started