CVE-2020-11971: Improper Input Validation in Apache Camel
(updated )
Apache Camel’s JMX is vulnerable to Rebind Flaw. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.x, 3.0.0 up to 3.1.0 is affected. Users should upgrade to 3.2.0.
References
- www.openwall.com/lists/oss-security/2020/05/14/7
- camel.apache.org/security/CVE-2020-11971.html
- github.com/advisories/GHSA-hfg5-xpvw-c9x4
- github.com/apache/camel/commit/b954402272ddcfbb45dc1495520f920e70cc041c
- issues.apache.org/jira/browse/CAMEL-14811
- nvd.nist.gov/vuln/detail/CVE-2020-11971
- www.oracle.com/security-alerts/cpuapr2022.html
- www.oracle.com/security-alerts/cpujan2021.html
- www.oracle.com/security-alerts/cpuoct2020.html
Code Behaviors & Features
Detect and mitigate CVE-2020-11971 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →