CVE-2020-11971
HIGH7.5EPSS 9.7%Improper Input Validation in Apache Camel
發布日:2021/5/21修改日:2026/3/18
描述
Apache Camel's JMX is vulnerable to Rebind Flaw. Apache Camel users should upgrade to 3.2.0.
受影響套件(3)
- Maven/org.apache.camel:camelfrom 0, < 3.2.0
- Maven/org.apache.camel:camel-corefrom 0, < 3.2.0
- Maven/org.apache.camel:camel-managementfrom 0, < 3.2.0
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
參考連結(19)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2020-11971
- PATCHhttps://github.com/apache/camel
- WEBhttps://camel.apache.org/security/CVE-2020-11971.html
- WEBhttps://github.com/apache/camel/commit/b954402272ddcfbb45dc1495520f920e70cc041c
- WEBhttps://issues.apache.org/jira/browse/CAMEL-14811
- WEBhttps://lists.apache.org/thread.html/r16f4f9019840bc923e25d1b029fb42fe2676c4ba36e54824749a8da9@%3Ccommits.camel.apache.org%3E
- WEBhttps://lists.apache.org/thread.html/r3d0ae14ca224e69fb1c653f0a5d9e56370ee12d8896aa4490aeae14a@%3Ccommits.camel.apache.org%3E
- WEBhttps://lists.apache.org/thread.html/r45da6abb42a9e6853ec8affdbf591f1db3e90c5288de9d3753124c79@%3Cissues.activemq.apache.org%3E
- WEBhttps://lists.apache.org/thread.html/r52a5129df402352adc34d052bab9234c8ef63596306506a89fdc7328@%3Cusers.activemq.apache.org%3E
- WEBhttps://lists.apache.org/thread.html/r7968b5086e861da2cf635a7b215e465ce9912d5f16c683b8e56819c4@%3Ccommits.camel.apache.org%3E
- WEBhttps://lists.apache.org/thread.html/r8988311eb2481fd8a87e69cf17ffb8dc81bfeba5503021537f72db0a@%3Cissues.activemq.apache.org%3E
- WEBhttps://lists.apache.org/thread.html/r938dc2ded68039ab747f6d7a12153862495d4b38107d3ed111994386@%3Cissues.activemq.apache.org%3E
- WEBhttps://lists.apache.org/thread.html/r9dc2505651788ac668299774d9e7af4dc616be2f56fdc684d1170882@%3Cusers.activemq.apache.org%3E
- WEBhttps://lists.apache.org/thread.html/rb0033c4e9dade1fdf22493314062364ff477e9a8b417f687dc168468@%3Cissues.activemq.apache.org%3E
- WEBhttps://lists.apache.org/thread.html/rc907a3d385a9c62416d686608e7241c864be8ef2ac16a3bdb0e33649@%3Cissues.activemq.apache.org%3E
- WEBhttps://www.oracle.com/security-alerts/cpuapr2022.html
- WEBhttps://www.oracle.com/security-alerts/cpujan2021.html
- WEBhttps://www.oracle.com/security-alerts/cpuoct2020.html
- WEBhttp://www.openwall.com/lists/oss-security/2020/05/14/7