CVE-2023-34442

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Camel.This issue affects Apache Camel: from 3.X through <=3.14.8, from 3.18.X through <=3.18.7, from 3.20.X through <= 3.20.5, from 4.X through <= 4.0.0-M3.

Users should upgrade to 3.14.9, 3.18.8, 3.20.6 or 3.21.0 and for users on Camel 4.x update to 4.0.0-M1

Published: Jul 10, 2023
Updated: May 9, 2024
CVE: CVE-2023-34442
GHSA: GHSA-6g2w-257v-3c9f
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 3.3
AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
org.apache.camel / camel-jira	3.0.0-M3	3.14.9
org.apache.camel / camel-jira	3.15.0	3.18.8
org.apache.camel / camel-jira	3.20.0	3.20.6
org.apache.camel / camel-jira	4.0.0-M1	4.0.0-RC1
apache / camel	4.0.0-milestone2	4.0.0-milestone2.x
apache / camel	4.0.0-milestone3	4.0.0-milestone3.x
apache / camel	4.0.0-milestone1	4.0.0-milestone1.x
apache / camel	3.20.0	3.20.6
apache / camel	3.18.0	3.18.8
apache / camel	3.0.0	3.14.9

Vulnerability Database

289,697

CVE-2023-34442