CNNVD-202601-4382 Information

CNNVD ID

CNNVD-202601-4382

Related CVE

CVE-2026-24656

• CNNVD Published: 2026-01-26

Description (Chinese)

Apache Karaf Decanter是Apache基金会的一个监控和告警模块。 Apache Karaf Decanter 2.12.0之前版本存在安全漏洞，该漏洞源于log socket collector存在不可信数据反序列化，可能导致拒绝服务攻击。

Description (English)

Apache Karaf Decanter is a monitoring and alarm module of the Apache Foundation. There was a security loophole in the pre-Apache Karaf Decanter 2.12.0 version, which stemmed from the existence of untrustworthy data back-sequencing that could lead to denial of service attacks.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

阿帕奇

Published

2026-01-26

Last Modified

2026-02-24

References

https://lists.apache.org/thread/dc5wmdn6hyc992olntkl75kk04ndzx34 http://www.openwall.com/lists/oss-security/2026/01/24/1 https://access.redhat.com/security/cve/cve-2026-24656

Patch

https://karaf.apache.org/