An improper input validation of the p2c parameter in the Apache CXF JOSE code before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform a denial of service attack by specifying a large value for this parameter in a token. 
History

Wed, 25 Sep 2024 19:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat camel Quarkus
CPEs cpe:/a:redhat:camel_quarkus:3.8
Vendors & Products Redhat camel Quarkus

Thu, 19 Sep 2024 23:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat
Redhat apache Camel Spring Boot
CPEs cpe:/a:redhat:apache_camel_spring_boot:3.20.7
Vendors & Products Redhat
Redhat apache Camel Spring Boot

Fri, 13 Sep 2024 18:30:00 +0000

Type Values Removed Values Added
References

Thu, 08 Aug 2024 13:30:00 +0000

Type Values Removed Values Added
References

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2024-07-19T08:50:31.832Z

Updated: 2024-09-13T17:04:44.644Z

Reserved: 2024-04-08T15:34:17.712Z

Link: CVE-2024-32007

cve-icon Vulnrichment

Updated: 2024-09-13T17:04:44.644Z

cve-icon NVD

Status : Modified

Published: 2024-07-19T09:15:04.713

Modified: 2024-08-01T13:51:19.560

Link: CVE-2024-32007

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-07-19T00:00:00Z

Links: CVE-2024-32007 - Bugzilla