{ "data_type": "CVE", "data_format": "MITRE", "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-11971", "ASSIGNER": "security@apache.org", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "vendor_name": "n/a", "product": { "product_data": [ { "product_name": "Apache Camel", "version": { "version_data": [ { "version_value": "Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0" } ] } } ] } } ] } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Rebind Flaw" } ] } ] }, "references": { "reference_data": [ { "refsource": "MISC", "name": "https://camel.apache.org/security/CVE-2020-11971.html", "url": "https://camel.apache.org/security/CVE-2020-11971.html" }, { "refsource": "MLIST", "name": "[oss-security] 20200514 [SECURITY] New security advisory CVE-2020-11971 released for Apache Camel", "url": "http://www.openwall.com/lists/oss-security/2020/05/14/7" }, { "refsource": "MLIST", "name": "[camel-commits] 20200522 [camel-website] 01/02: CVE-2020-11971 - Amend the fix version", "url": "https://lists.apache.org/thread.html/r7968b5086e861da2cf635a7b215e465ce9912d5f16c683b8e56819c4@%3Ccommits.camel.apache.org%3E" }, { "refsource": "MLIST", "name": "[camel-commits] 20200522 [camel-website] branch CVE-2020-11971-amend created (now 2a753f7)", "url": "https://lists.apache.org/thread.html/r16f4f9019840bc923e25d1b029fb42fe2676c4ba36e54824749a8da9@%3Ccommits.camel.apache.org%3E" }, { "refsource": "MLIST", "name": "[camel-commits] 20200522 [camel-website] 02/02: CVE-2020-11971 - Amended fix version", "url": "https://lists.apache.org/thread.html/r3d0ae14ca224e69fb1c653f0a5d9e56370ee12d8896aa4490aeae14a@%3Ccommits.camel.apache.org%3E" }, { "refsource": "MLIST", "name": "[activemq-issues] 20200601 [jira] [Created] (AMQ-7492) CVE-2020-11971 needs AMQ to upgrade to Apache Camel 3.2.0", "url": "https://lists.apache.org/thread.html/r45da6abb42a9e6853ec8affdbf591f1db3e90c5288de9d3753124c79@%3Cissues.activemq.apache.org%3E" }, { "refsource": "MLIST", "name": "[activemq-issues] 20200622 [jira] [Commented] (AMQ-7492) CVE-2020-11971 needs AMQ to upgrade to Apache Camel 3.2.0", "url": "https://lists.apache.org/thread.html/rb0033c4e9dade1fdf22493314062364ff477e9a8b417f687dc168468@%3Cissues.activemq.apache.org%3E" }, { "refsource": "MLIST", "name": "[activemq-issues] 20200622 [jira] [Assigned] (AMQ-7492) CVE-2020-11971 needs AMQ to upgrade to Apache Camel 3.2.0", "url": "https://lists.apache.org/thread.html/r8988311eb2481fd8a87e69cf17ffb8dc81bfeba5503021537f72db0a@%3Cissues.activemq.apache.org%3E" } ] }, "description": { "description_data": [ { "lang": "eng", "value": "Apache Camel's JMX is vulnerable to Rebind Flaw. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.x, 3.0.0 up to 3.1.0 is affected. Users should upgrade to 3.2.0." } ] } }