Exposure of sensitive data by by crafting a malicious EventFactory and providing a custom ExchangeCreatedEvent that exposes sensitive data. Vulnerability in Apache Camel.This issue affects Apache Camel: from 3.21.X through 3.21.3, from 3.22.X through 3.22.0, from 4.0.X through 4.0.3, from 4.X through 4.3.0.
Users are recommended to upgrade to version 3.21.4, 3.22.1, 4.0.4 or 4.4.0, which fixes the issue.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2024-02-26T09:22:38.384Z
Updated: 2024-08-05T15:10:44.042Z
Reserved: 2024-01-09T12:04:27.624Z
Link: CVE-2024-22371
Vulnrichment
Updated: 2024-08-01T22:43:34.525Z
NVD
Status : Awaiting Analysis
Published: 2024-02-26T16:27:56.557
Modified: 2024-02-26T16:32:25.577
Link: CVE-2024-22371
Redhat