VDB
CVE-2024-22369
CVE-2024-22369
PUBLISHED
In Apache Camel existieren mehrere Schwachstellen. Das Camel-SQL AggregationRepository und das Camel-CassandraQL AggregationRepository sind gegen eine unsichere Deserialisierung anfällig. Ein Angreifer kann diese Schwachstelle ausnutzen, um bösartige Nutzdaten zu deserialisieren.
EPSS 11.98% · 93.9th percentile
Risk Scores
EPSS Score
11.98%
93.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache | Apache Camel <4.0.4 | |
| Apache | Apache Camel <3.21.4 | |
| Apache | Apache Camel <4.4.0 | |
| Red Hat | Red Hat Integration Camel K 1 | |
| Apache | Apache Camel <3.22.1 |
Timeline
- Feb 18, 2024 CVE Published
- Feb 21, 2024 EPSS Score
- Apr 15, 2024 EPSS Score
- May 11, 2024 EPSS Score
- Jul 4, 2024 EPSS Score
- Jul 31, 2024 EPSS Score
- Sep 22, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 19, 2024 EPSS Score
- Oct 22, 2024 CVE Updated
- Nov 5, 2024 Coalition ESS Score
- Dec 13, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0418.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0418 advisory
- https://camel.apache.org/security/CVE-2024-22369.htm advisory
- https://camel.apache.org/security/CVE-2024-23114.html advisory
- https://access.redhat.com/errata/RHSA-2024:8339 advisory