An improper input validation of the p2c parameter in the Apache CXF JOSE code before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform a denial of service attack by specifying a large value for this parameter in a token.
Metrics
Affected Vendors & Products
References
History
Wed, 25 Sep 2024 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat camel Quarkus
|
|
CPEs | cpe:/a:redhat:camel_quarkus:3.8 | |
Vendors & Products |
Redhat camel Quarkus
|
Thu, 19 Sep 2024 23:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat
Redhat apache Camel Spring Boot |
|
CPEs | cpe:/a:redhat:apache_camel_spring_boot:3.20.7 | |
Vendors & Products |
Redhat
Redhat apache Camel Spring Boot |
Fri, 13 Sep 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Thu, 08 Aug 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2024-07-19T08:50:31.832Z
Updated: 2024-09-13T17:04:44.644Z
Reserved: 2024-04-08T15:34:17.712Z
Link: CVE-2024-32007
Vulnrichment
Updated: 2024-09-13T17:04:44.644Z
NVD
Status : Modified
Published: 2024-07-19T09:15:04.713
Modified: 2024-08-01T13:51:19.560
Link: CVE-2024-32007
Redhat