RHSA-2024:6883HighCVSS 9.1

Red Hat Security Advisory: Red Hat Build of Apache Camel 3.20.7 for Spring Boot security update.

Published
September 19, 2024
Last Modified
June 30, 2026

🔗 CVE IDs covered (6)

📋 Description

CVE-2023-52428 — nimbus-jose-jwt: large JWE p2c header value causes Denial of Service CVE-2024-5971 — undertow: response write hangs in case of Java 17 TLSv1.3 NewSessionTicket CVE-2024-7885 — undertow: Improper State Management in Proxy Protocol parsing causes information leakage CVE-2024-29736 — apache: cxf: org.apache.cxf:cxf-rt-rs-service-description: SSRF via WADL stylesheet parameter CVE-2024-32007 — apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE CVE-2024-45294 — org.hl7.fhir.core: org.hl7.fhir.dstu3: org.hl7.fhir.r4: org.hl7.fhir.r4b: org.hl7.fhir.r5: org.hl7.fhir.utilities: XXE vulnerability in XSLT transforms in org.hl7.fhir.core

🔗 References (9)