[ online | html | pdf ]
You are looking for some examples to learn how to implement bundle for Apache Karaf ? There is some usefull examples include in the source code, you can also browse and view documentation on the github of the projet.
If you are looking for examples that are missing here or you want to share your example with the community, please contact us on the mailing list and we will add it with pleasure.
CVE-2014-0219 : Apache Karaf enables a shutdown port on the loopback interface, which allows local users to cause a denial of service (shutdown) by sending a shutdown command to all listening high ports.
CVE-2016-8750 : Apache Karaf's LDAPLoginModule is vulnerable to LDAP injection.
CVE-2018-11786 : Enforce SSH permission based on RBAC.
CVE-2018-11787 : Unsecure access to Gogo shell in the webconsole.
CVE-2018-11788 : XXE vulnerability found on Apache Karaf.
CVE-2019-0191: Zip-slip vulnerability in KAR deployer.
CVE-2019-0226: Arbitrary file write vulnerability in Config service.
CVE-2020-11980: A remote client could create MBeans from arbitrary URLs.
CVE-2021-41766: Insecure Java Deserialization.
CVE-2022-22932: Path traversal flaws
CVE-2022-40145: JDBC JAAS LDAP injection