Post ArwXWiYVNX7Typfyj2 by [email protected]
Post #ArsXMTmYfokMdKWm5g by [email protected]
0 likes, 0 repeats
New by me - No, there isn’t a world ending Apache Camel vulnerability https://…
Post #ArsZoWkNRZMPqT0dzE by [email protected]
0 likes, 0 repeats
If anybody is wondering where the posts online are about this, we had most of t…
Post #ArtKv7ovDMmSPQmcMK by [email protected]
0 likes, 1 repeats
Apache have updated their Camel advisory, it is really a particular and limited…
Post #ArtLFJdWzXaMqf5CQS by [email protected]
0 likes, 0 repeats
Apache credit AT&T for the find - who are also listed as the source of the …
Post #ArtYHNd6PnmnDSCHNg by [email protected]
0 likes, 1 repeats
@GossiTheDog there are some significant humps to reliable exploitation, I'm…
Post #Aruqk7V5SHD5vHGHlg by [email protected]
0 likes, 0 repeats
Apache have modified the Camel vuln description again. The attack surface obvi…
Post #Arv2utkM88mvtyJFTs by [email protected]
0 likes, 0 repeats
Akamai have released a PoC for the Camel thing, which introduces a deliberately…
Post #Arv3PLm4ULydW1dHH6 by [email protected]
0 likes, 0 repeats
In b4 people start spraying coin miners at the URI /vulnerable after seeing tha…
Post #Arv4NKM6tNyWUT5YdU by [email protected]
0 likes, 0 repeats
@GossiTheDog can't wait for copilot to add this repo to its corpus!
Post #ArwOJMhCRTkmpbIjC4 by [email protected]
0 likes, 0 repeats
As if by magic, the function in the Akamai PoC is being sprayed online at any o…
Post #ArwUMWkI8IuaatddJI by [email protected]
0 likes, 0 repeats
Updated El Bloggo with some prevention and detection suggestions, and noting pr…
Post #ArwW346iaKkQBEyYYS by [email protected]
0 likes, 1 repeats
@GossiTheDog Well, "is being sprayed randomly" does not contradict "…
Post #ArwXWiYVNX7Typfyj2 by [email protected]
0 likes, 0 repeats
@GossiTheDog ok, but can we quickly talk about how the Description section read…
Post #ArweMW7lRUT8CzFe4G by [email protected]
0 likes, 1 repeats
@GossiTheDog I did not even know what Apache Camel was up until this weekend.
Post #Arygf1j8Rp665cjkxc by [email protected]
0 likes, 0 repeats
Qualys' blog about CVE-2025-27636 shows a proof of concept which isn't …
Post #AryhNqy7IHJXkq7SdM by [email protected]
0 likes, 0 repeats
In the latest with the Camel CVE-2025-27636 saga - the attempted exploitation a…
Post #AryoDSLweuOEC4FpUe by [email protected]
0 likes, 0 repeats
@GossiTheDog They probably think it could be a log4j situation. thx for keeping…
Post #Arz1vL82B9WLvw0Fvs by [email protected]
0 likes, 0 repeats
Apache issued another CVE - CVE-2025-29891 - but it's effectively the same …
Post #As2lxDwJ3dMna7EYNc by [email protected]
0 likes, 0 repeats
Akamai did a blog on the Apache Camel vulns. It’s been marketing polished up …
Post #As2mGKcmQWqzoiDBxo by [email protected]
0 likes, 0 repeats
In summary
Post #As2p2FnzqaDWgAR9mq by [email protected]
0 likes, 1 repeats
@GossiTheDog Reminds me of the time that GreyNoise published a fake PoC exploit…
Post #As2physj9w9SLzXxpI by [email protected]
0 likes, 1 repeats
@wdormann @GossiTheDog "We created a PoC and tested it, then saw active ex…
Post #As2rTFAKX9DyQDsfjM by [email protected]
0 likes, 0 repeats
Qualys went back and fixed their blog, kudos - no longer says zero day and they…
Post #As3ATQDtJwK1qSLSFM by [email protected]
0 likes, 0 repeats
@GossiTheDog People need to justify their salaries
Post #As3Mia0sP0tS0CFfdY by [email protected]
0 likes, 1 repeats
Red Hat have scored the Camel vuln CVE-2025-27636 as CVSS 6.3, CISA-ADP have s…
Post #As3NsRJhgq2JsgK6zY by [email protected]
0 likes, 0 repeats
Another fun one from this saga - the Twitter 'dark web' accounts which …
Post #As3OZzYGHVySVhtrXM by [email protected]
0 likes, 0 repeats
Critical... 9.8 CVSS score we made up... RED ALERT!!!!!!!!!!!!!!!!!!!!!!!!!!!!…
Post #As3Oh1cwxkmuyVRlNQ by [email protected]
0 likes, 0 repeats
@GossiTheDog maybe a negative indicator on the reliability of those sources
Post #As3PPO0n6BrP8nkdKi by [email protected]
0 likes, 0 repeats
@GossiTheDog CISA-ADP is a godsend, istg, if they ever let me rewrite our securi…
Post #As3Pcju11MQKnYwujA by [email protected]
0 likes, 0 repeats
@GossiTheDog this reminds me of something mentioned by the Youtuber Lazerpig on…
Post #As3PggnQVnjCK4kbyK by [email protected]
0 likes, 0 repeats
@GossiTheDog there's gotta be a much better way to make a name for yourself…
Post #As3Pik835mgXEoNNFQ by [email protected]
0 likes, 0 repeats
@GossiTheDog so, essentially, most of these are (possibly semi-automated) conte…
Post #As3T1tAdzzAUe4PXdI by [email protected]
0 likes, 0 repeats
@GossiTheDog we need spanning-tree for CVE
Post #As3T9kPMShJ7mk2fgW by [email protected]
0 likes, 0 repeats
Btw - this thread isn't to downplay the two Apache Camel vulns. They'r…
Post #As3WLjCh45lTO5WNdY by [email protected]
0 likes, 0 repeats
@GossiTheDog "If you use Apache Camel for something like a Jetty based web…
Post #As3aOT7ZiQpcC4gnz6 by [email protected]
0 likes, 0 repeats
@GossiTheDog isn’t the CVSS only useful if you have multiple „problems“ a…
You are viewing proxied material from pleroma.anduin.net. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.