CVE-2023-34442

2023-07-1016:15:52

Google

osv.dev

cve-2023-34442

apache camel

sensitive information

unauthorized actor

software foundation

upgrade

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.2%

JSON

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Camel.This issue affects Apache Camel: from 3.X through <=3.14.8, from 3.18.X through <=3.18.7, from 3.20.X through <= 3.20.5, from 4.X through <= 4.0.0-M3.

Users should upgrade to 3.14.9, 3.18.8, 3.20.6 or 3.21.0 and for users on Camel 4.x update to 4.0.0-M1

CPENameOperatorVersion
cameleqcamel-3.11.2
cameleqcamel-3.14.0
cameleqcamel-4.0.0-M1
cameleqcamel-3.1.0
cameleqcamel-3.11.5
cameleqcamel-3.11.6
cameleqcamel-3.20.0
cameleqcamel-3.20.2
cameleqcamel-3.4.1
cameleqcamel-3.11.1

Name	Operator	Version
camel	eq	camel-3.11.2
camel	eq	camel-3.14.0
camel	eq	camel-4.0.0-M1
camel	eq	camel-3.1.0
camel	eq	camel-3.11.5
camel	eq	camel-3.11.6
camel	eq	camel-3.20.0
camel	eq	camel-3.20.2
camel	eq	camel-3.4.1
camel	eq	camel-3.11.1