What is RHSA-2024:3708?

RHSA-2024:3708 is a security advisory published by Red Hat Product Security with High severity. Red Hat Security Advisory: Red Hat Build of Apache Camel 3.20.6 for Spring Boot security update.

Which CVE IDs does RHSA-2024:3708 cover?

RHSA-2024:3708 covers the following CVE IDs: CVE-2022-45685, CVE-2023-44483, CVE-2024-22257, CVE-2024-22262, CVE-2024-28752, CVE-2022-34169. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of RHSA-2024:3708?

RHSA-2024:3708 has a CVSS v3 base score of 9.8, published by Red Hat Product Security.

RHSA-2024:3708HighCVSS 9.8

Red Hat Security Advisory: Red Hat Build of Apache Camel 3.20.6 for Spring Boot security update.

Vendor

Red Hat Product Security

Published

June 6, 2024

Last Modified

May 27, 2026

🔗 CVE IDs covered (6)

CVE-2022-45685 →CVE-2023-44483 →CVE-2024-22257 →CVE-2024-22262 →CVE-2024-28752 →CVE-2022-34169 →

📋 Description

CVE-2022-34169 — OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) CVE-2022-45685 — jettison: stack overflow in JSONObject() allows attackers to cause a Denial of Service (DoS) via crafted JSON data CVE-2023-44483 — santuario: Private Key disclosure in debug-log output CVE-2024-22257 — spring-security: Broken Access Control With Direct Use of AuthenticatedVoter CVE-2024-22262 — springframework: URL Parsing with Host Validation CVE-2024-28752 — cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding

🔗 References (8)

selfhttps://access.redhat.com/errata/RHSA-2024:3708
externalhttps://access.redhat.com/security/updates/classification/#important
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2108554
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2214825
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2246070
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2270732
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2275257
selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3708.json