CVE-2023-34442

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-34442

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-34442.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-34442

Aliases

GHSA-6g2w-257v-3c9f

Withdrawn

2024-09-03T04:41:26.331792Z

Published

2023-07-10T16:15:52Z

Modified

2024-09-03T04:33:25.677953Z

Severity

3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Camel.This issue affects Apache Camel: from 3.X through <=3.14.8, from 3.18.X through <=3.18.7, from 3.20.X through <= 3.20.5, from 4.X through <= 4.0.0-M3.

Users should upgrade to 3.14.9, 3.18.8, 3.20.6 or 3.21.0 and for users on Camel 4.x update to 4.0.0-M1

References

https://lists.apache.org/thread/x4vy2hhbltb1xrvy1g6m8hpjgj2k7wgh

Affected packages

Git / github.com/apache/camel

Affected ranges

Type: GIT
Repo: https://github.com/apache/camel
Events: Introduced

ac11f88de7594232c3c28532a19377764665ce13

Fixed

82c8215b2c3b5e8807f2df5f495e6f42f1728114

Affected versions

camel-3.*

camel-3.0.0

camel-3.14.0

camel-3.14.1

camel-3.14.2

camel-3.14.3

camel-3.14.4

camel-3.14.5

camel-3.14.6

camel-3.14.7

camel-3.14.8