Red Hat, RHSA-2024:1948
Apr 22, 2024 - 1:28 p.m.

(RHSA-2024:1948) Important: Red Hat Build of Apache Camel 3.18 for Quarkus 2.13 is now available (updates to RHBQ 2.13.9.SP2)

2024-04-22 13:28:12
access.redhat.com
red hat
apache camel
quarkus
security updates
cve-2024-28752
aegis databinding
cve-2024-25710
commons-compress
dump file
cve-2024-26308
outofmemoryerror
pack200
unix

AI Score: 7.2 High (Confidence: Low)

EPSS: 0.001 Low (Percentile: 26.4%)

An update for Red Hat Build of Apache Camel 3.18 for Quarkus 2.13 is now available (updates to RHBQ 2.13.9.SP2).
The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products:

  • TRIAGE CVE-2024-28752 cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding
  • TRIAGE CVE-2024-25710 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file
  • TRIAGE CVE-2024-26308 commons-compress: OutOfMemoryError unpacking broken Pack200 file