First published: Wed Sep 13 2023
A security update for Camel for Spring Boot 3.18.3.2 is now available. The purpose of this text-only errata is to inform you about the security issues fixed in this release.

- spring-boot: Security Bypass With Wildcard Pattern Matching on Cloud Foundry (CVE-2023-20873)
- jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode (CVE-2021-46877)
- bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)
- snappy-java: Unchecked chunk length leads to DoS (CVE-2023-34455)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Software | Affected Version | How to fix |
---|---|---|
Red Hat Red Hat Integration - Camel for Spring Boot |
The severity of RHSA-2023:5147 is high.
RHSA-2023:5147 affects Red Hat Integration - Camel for Spring Boot.
A security update is available for RHSA-2023:5147.
More information about RHSA-2023:5147 can be found on the Red Hat Customer Portal.