Lucene search
RedHatRHSA-2024:2834HistoryMay 16, 2024 - 1:51 p.m.
(RHSA-2024:2834) Important: Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.4.SP1)
2024-05-1613:51:15
access.redhat.com
6
red hat
apache camel
quarkus
security update
cve-2024-29025
cve-2024-28752
cve-2024-22371
vulnerability
ssrf
allocation
data exposure
An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available (RHBQ 3.8.4.SP1).
The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products:
- CVE-2024-29025 netty-codec-http: Allocation of Resources Without Limits or Throttling
- CVE-2024-28752 cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding
- CVE-2024-22371 camel-core: Exposure of sensitive data by crafting a malicious EventFactory
Related
cvelist
cvelist
CVE-2024-22371 Apache Camel issue on ExchangeCreatedEvent
2024-02-26 09:22:38
CVE-2024-28752 Apache CXF SSRF Vulnerability using the Aegis databinding
2024-03-15 10:27:30
CVE-2024-29025 Netty HttpPostRequestDecoder can OOM
2024-03-25 20:09:35
ibm
ibm
prion
prion
Code injection
2024-02-26 16:27:00
nvd
nvd
cve
cve
osv
osv
SSRF vulnerability using the Aegis DataBinding in Apache CXF
2024-03-15 12:30:37
Apache Camel data exposure vulnerability
2024-02-26 18:30:30
CVE-2024-29025
2024-03-25 20:15:08
redhatcve
redhatcve
nessus
nessus
Apache CXF < 3.5.8, 3.6.x < 3.6.3, 4.0.x < 4.0.4 SSRF
2024-03-22 00:00:00
RHEL 6 : netty-codec-http (Unpatched Vulnerability)
2024-06-22 00:00:00
Debian dla-3834 : libnetty-java - security update
2024-06-22 00:00:00
github
github
SSRF vulnerability using the Aegis DataBinding in Apache CXF
2024-03-15 12:30:37
Apache Camel data exposure vulnerability
2024-02-26 18:30:30
Netty's HttpPostRequestDecoder can OOM
2024-03-25 19:40:50
veracode
veracode
Information Disclosure
2024-02-28 06:42:07
Server-Side Request Forgery (SSRF)
2024-03-18 08:35:48
Denial Of Service (DoS)
2024-03-28 03:09:13
ubuntucve
ubuntucve
CVE-2024-29025
2024-03-25 00:00:00
cgr
cgr
CVE-2024-28752 vulnerabilities
2024-05-19 03:07:16
CVE-2024-29025 vulnerabilities
2024-05-19 03:07:16
wolfi
wolfi
CVE-2024-28752 vulnerabilities
2024-06-29 09:08:33
CVE-2024-29025 vulnerabilities
2024-06-29 09:08:33
debiancve
debiancve
CVE-2024-29025
2024-03-25 20:15:08
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:1079-1)
2024-05-07 00:00:00
redhat
redhat
(RHSA-2024:2852) Important: Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 update is now available (RHBQ 3.2.12.GA)
2024-05-15 10:09:54
(RHSA-2024:2705) Moderate: Red Hat build of Quarkus 3.2.12 release and security update
2024-05-09 11:54:42
(RHSA-2024:2106) Moderate: Red Hat build of Quarkus 3.8.4 release
2024-05-07 16:19:27
redos
redos
ROS-20240514-04
2024-05-14 00:00:00