CVE-2024-23114: Apache Camel: Camel-CassandraQL: Unsafe Deserialization from CassandraAggregationRepository

CVE-2024-23114: Apache Camel: Camel-CassandraQL: Unsafe Deserialization from CassandraAggregationRepository

Open Source Security [[{„value“:“

Posted by Andrea Cosentino on Feb 19

Severity: important

Affected versions:

– Apache Camel 3.0.0 before 3.21.4
– Apache Camel 3.22.0 before 3.22.1
– Apache Camel 4.0.0 before 4.0.4
– Apache Camel 4.1.0 before 4.4.0

Description:

Deserialization of Untrusted Data vulnerability in Apache Camel CassandraQL Component AggregationRepository which is
vulnerable to unsafe deserialization. Under specific conditions it is possible to deserialize malicious payload.This
issue affects…
„}]] Read More 

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert