{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "REJECTED", "cveId": "CVE-2022-45046", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "dateUpdated": "2022-12-19T16:24:37.230Z", "dateReserved": "2022-11-08T00:00:00", "datePublished": "2022-12-05T00:00:00", "dateRejected": "2022-12-19T16:24:37.230Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2022-12-19T16:24:37.230Z"}, "rejectedReasons": [{"lang": "en", "value": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."}], "id": "CVE-2022-45046", "lastModified": "2023-11-07T03:54:29.393", "metrics": {}, "published": "2022-12-05T14:15:10.090", "references": [], "sourceIdentifier": "security@apache.org", "vulnStatus": "Rejected"}

{"acknowledgement": "Red Hat would like to thank 4ra1n (Chaitin Tech) for reporting this issue.", "bugzilla": {"description": "camel-ldap: LDAP Injection on camel-ldap component when using the filter option", "id": "2150871", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150871"}, "csaw": false, "cwe": "CWE-90", "details": ["This flaw targets the camel-ldap package. According to the maintainers this CVE should be retracted soon."], "mitigation": {"lang": "en:us", "value": "Maintainers have added a documentation detail regarding LDAP Injection in Camel LDAP component. Please check the link for more information. \nhttps://github.com/apache/camel/blob/3ea0740370bb436dcf70b91dcbfb4e2177fca797/components/camel-ldap/src/main/docs/ldap-component.adoc"}, "name": "CVE-2022-45046", "package_state": [{"cpe": "cpe:/a:redhat:camel_spring_boot:3", "fix_state": "Not affected", "package_name": "org.apache.camel-camel", "product_name": "Red Hat build of Apache Camel for Spring Boot 3"}, {"cpe": "cpe:/a:redhat:quarkus:2", "fix_state": "Not affected", "package_name": "io.quarkus.platform-quarkus-platform-config", "product_name": "Red Hat build of Quarkus"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Not affected", "package_name": "com.redhat.fuse.eap-fuse-eap", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Not affected", "package_name": "org.apache.camel-camel", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Not affected", "package_name": "org.wildfly.camel.example-example-camel", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Not affected", "package_name": "org.wildfly.camel-wildfly-camel", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Not affected", "package_name": "org.apache.camel-camel", "product_name": "Red Hat Integration Camel K"}, {"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Not affected", "package_name": "org.apache.camel.kafkaconnector-camel-kafka-connector-aggregator", "product_name": "Red Hat Integration Camel K"}, {"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Not affected", "package_name": "org.apache.camel.quarkus-camel-quarkus", "product_name": "Red Hat Integration Camel K"}, {"cpe": "cpe:/a:redhat:camel_quarkus:2", "fix_state": "Not affected", "package_name": "org.apache.camel-camel", "product_name": "Red Hat Integration Camel Quarkus"}, {"cpe": "cpe:/a:redhat:jboss_fuse:6", "fix_state": "Not affected", "package_name": "com.redhat.fuse.eap-fuse-eap", "product_name": "Red Hat JBoss Fuse 6"}, {"cpe": "cpe:/a:redhat:jboss_fuse:6", "fix_state": "Not affected", "package_name": "org.apache.camel-camel", "product_name": "Red Hat JBoss Fuse 6"}, {"cpe": "cpe:/a:redhat:jboss_fuse:6", "fix_state": "Not affected", "package_name": "org.jboss.fuse.bom-jboss-fuse-parent", "product_name": "Red Hat JBoss Fuse 6"}, {"cpe": "cpe:/a:redhat:jboss_fuse_service_works:6", "fix_state": "Not affected", "package_name": "com.redhat.fuse.eap-fuse-eap", "product_name": "Red Hat JBoss Fuse Service Works 6"}, {"cpe": "cpe:/a:redhat:jboss_fuse_service_works:6", "fix_state": "Not affected", "package_name": "org.apache.camel-camel", "product_name": "Red Hat JBoss Fuse Service Works 6"}, {"cpe": "cpe:/a:redhat:jboss_fuse_service_works:6", "fix_state": "Not affected", "package_name": "org.jboss.fuse.bom-jboss-fuse-parent", "product_name": "Red Hat JBoss Fuse Service Works 6"}], "public_date": "2022-12-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-45046\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-45046\nhttps://camel.apache.org/security/CVE-2022-45046.html"], "upstream_fix": "camel-ldap 3.14.6, camel-ldap 3.18.4"}