Apache Camel Sensitive Info Exposure before 3.14.9/3.18.8/3.20.6/4.0.0-M1
CVE-2023-34442 Published on July 10, 2023
Apache Camel JIRA: Temporary file information disclosure in Camel-Jira
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Camel.This issue affects Apache Camel: from 3.X through <=3.14.8, from 3.18.X through <=3.18.7, from 3.20.X through <= 3.20.5, from 4.X through <= 4.0.0-M3.
Users should upgrade to 3.14.9, 3.18.8, 3.20.6 or 3.21.0 and for users on Camel 4.x update to 4.0.0-M1
Weakness Type
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2023-34442 has been classified to as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2023-34442
Want to know whenever a new CVE is published for Apache Camel? stack.watch will email you.
Affected Versions
Apache Software Foundation Apache Camel JIRA:- Version 3.x, <= <=3.14.8 is affected.
- Version 3.18.x, <= <=3.18.7 is affected.
- Version 3.20.x, <= <= 3.20.5 is affected.
- Version 4.x, <= <= 4.0.0-M3 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.