Lucene search
Veracode Vulnerability DatabaseVERACODE:25440HistoryMay 15, 2020 - 5:43 a.m.
Insecure Defaults
2020-05-1505:43:05
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
0.008 Low
EPSS
Percentile
81.7%
Apache Camel RabbitMQ uses an insecure default. The Java deserialization is enabled by default and allows an attacker to execute arbitrary code via a deserialization vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| camel :: rabbitmq | le | 2.25.0 | |
| camel :: rabbitmq | le | 3.1.0 |
Related
cve
cve
CVE-2020-11972
2020-05-14 17:15:12
osv
osv
Deserialization of Untrusted Data in Apache Camel RabbitMQ
2021-05-21 19:20:47
CVE-2020-11972
2020-05-14 17:15:12
prion
prion
Deserialization of untrusted data
2020-05-14 17:15:00
nvd
nvd
CVE-2020-11972
2020-05-14 17:15:12
redhatcve
redhatcve
CVE-2020-11972
2020-06-18 12:25:08
cvelist
cvelist
CVE-2020-11972
2020-05-14 16:26:03
github
github
Deserialization of Untrusted Data in Apache Camel RabbitMQ
2021-05-21 19:20:47
ibm
ibm
redhat
redhat
(RHSA-2020:5568) Important: Red Hat Fuse 7.8.0 release and security update
2020-12-16 12:07:05
oracle
oracle
Oracle Critical Patch Update Advisory - January 2021
2021-01-19 00:00:00
Oracle Critical Patch Update Advisory - October 2020
2020-10-20 00:00:00