Apache Software Foundation Camel 3.0.0 Release Candidate 3

CPE Details

Apache Software Foundation Camel 3.0.0 Release Candidate 3
apache
camel
3.0.0
2020-05-18
12h20 +00:00
2020-05-18
12h20 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:apache:camel:3.0.0:rc3:*:*:*:*:*:*

Informations

Vendor

apache

Product

camel

Version

3.0.0

Update

rc3

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-34442 2023-07-10 09h31 +00:00 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Camel.This issue affects Apache Camel: from 3.X through <=3.14.8, from 3.18.X through <=3.18.7, from 3.20.X through <= 3.20.5, from 4.X through <= 4.0.0-M3. Users should upgrade to 3.14.9, 3.18.8, 3.20.6 or 3.21.0 and for users on Camel 4.x update to 4.0.0-M1
3.3
Low
CVE-2020-11994 2020-07-08 13h13 +00:00 Server-Side Template Injection and arbitrary file disclosure on Camel templating components
7.5
High
CVE-2020-11972 2020-05-14 14h26 +00:00 Apache Camel RabbitMQ enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0.
9.8
Critical
CVE-2020-11973 2020-05-14 14h22 +00:00 Apache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0.
9.8
Critical
CVE-2020-11971 2020-05-14 14h18 +00:00 Apache Camel's JMX is vulnerable to Rebind Flaw. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.x, 3.0.0 up to 3.1.0 is affected. Users should upgrade to 3.2.0.
7.5
High