CVE-2023-34442

CVE-2023-34442: Apache Camel JIRA: Temporary file information disclosure in Camel-Jira

Vendor Apache Software Foundation

Product Apache Camel JIRA

Weakness CWE-200 · Info exposure

Published July 10, 2023

Last update October 7, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Camel.This issue affects Apache Camel: from 3.X through <=3.14.8, from 3.18.X through <=3.18.7, from 3.20.X through <= 3.20.5, from 4.X through <= 4.0.0-M3. Users should upgrade to 3.14.9, 3.18.8, 3.20.6 or 3.21.0 and for users on Camel 4.x update to 4.0.0-M1

Key dates

Disclosure timeline

July 10, 2023 CVE published

October 7, 2024 Record updated

Identifiers

CVE CVE-2023-34442

CWE CWE-200

Affected versions

Vendor Apache Software Foundation

Product Apache Camel JIRA

Affected ≥ 3.x and ≤ <=3.14.8

Vendor Apache Software Foundation

Product Apache Camel JIRA

Affected ≥ 3.18.x and ≤ <=3.18.7

Vendor Apache Software Foundation

Product Apache Camel JIRA

Affected ≥ 3.20.x and ≤ <= 3.20.5

Vendor Apache Software Foundation

Product Apache Camel JIRA

Affected ≥ 4.x and ≤ <= 4.0.0-M3