← back
CVE-2020-11972

CVE-2020-11972

EPSS 5.5%
Apache Camel RabbitMQ enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0.
Affected products
n/a · Apache Camel

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://camel.apache.org/security/CVE-2020-11972.htmlhttps://www.oracle.com/security-alerts/cpujan2021.htmlhttps://www.oracle.com/security-alerts/cpuoct2020.htmlhttp://www.openwall.com/lists/oss-security/2020/05/14/10http://www.openwall.com/lists/oss-security/2020/05/14/8