Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-34442

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Camel.This issue affects Apache Camel: from 3.X through <=3.14.8, from 3.18.X through <=3.18.7, from 3.20.X through <= 3.20.5, from 4.X through <= 4.0.0-M3. Users should upgrade to 3.14.9, 3.18.8, 3.20.6 or 3.21.0 and for users on Camel 4.x update to 4.0.0-M1

Published

2023-07-10T16:15:52.703

Last Modified

2024-11-21T08:07:15.040

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 3.3 (LOW)

Weaknesses

Type: Secondary
CWE-200
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	apache	camel	< 3.14.9	Yes
Application	apache	camel	< 3.18.8	Yes
Application	apache	camel	< 3.20.6	Yes
Application	apache	camel	4.0.0	Yes
Application	apache	camel	4.0.0	Yes
Application	apache	camel	4.0.0	Yes

References

https://lists.apache.org/thread/x4vy2hhbltb1xrvy1g6m8hpjgj2k7wgh Mailing List, Vendor Advisory ([email protected])
https://lists.apache.org/thread/x4vy2hhbltb1xrvy1g6m8hpjgj2k7wgh Mailing List, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)