First published: Wed Jul 08 2020(Updated: )
A flaw was found in camel. Camel's templating components are suseptable to Server-Side Template Injection and arbitrary file disclosure. The highest threat from this vulnerability is to data confidentiality.
Credit: security@apache.org
Affected Software | Affected Version | How to fix |
---|---|---|
Apache Camel | >=2.22.0<=2.22.5 | |
Apache Camel | >=2.23.0<=2.23.4 | |
Apache Camel | >=2.24.0<=2.24.3 | |
Apache Camel | >=3.0.0<=3.3.0 | |
Apache Camel | =2.25.0 | |
Apache Camel | =2.25.1 | |
Oracle Communications Diameter Signaling Router | >=8.0.0<=8.5.0 | |
Oracle Enterprise Manager Base Platform | =13.4.0.0 | |
Oracle Enterprise Repository | =11.1.1.7.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-11994 is a vulnerability that allows for Server-Side Template Injection and arbitrary file disclosure on Camel templating components.
CVE-2020-11994 poses a high threat to data confidentiality.
Camel's templating components are susceptible to CVE-2020-11994.
CVE-2020-11994 has a severity value of 7, indicating a high severity.
Apply the necessary patches or updates provided by the vendor to mitigate CVE-2020-11994.