[jira] [Created] (CAMEL-20630) CVE-2024-25710, CVE-2024-26308 - Vulnerabilities with Camel-zip-deflater-starter maven dependency

Sasikumar Muthukrishnan Sampath (Jira) Thu, 28 Mar 2024 12:26:33 -0700

Sasikumar Muthukrishnan Sampath created CAMEL-20630:
-------------------------------------------------------


             Summary: CVE-2024-25710, CVE-2024-26308 - Vulnerabilities with 
Camel-zip-deflater-starter maven dependency
                 Key: CAMEL-20630
                 URL: https://issues.apache.org/jira/browse/CAMEL-20630
             Project: Camel
          Issue Type: Bug
    Affects Versions: 3.22.1
            Reporter: Sasikumar Muthukrishnan Sampath


Hi,

 

We have couple of vulnerabilities CVE-2024-25710, CVE-2024-26308 with 
'Camel-zip-deflater'. These vulnerabilities are from 
org.apache.commons:commons-compress.1.21.jar, need to upgrade to 1.26.0.

Is there any plan to release a new patch version on 3.22 with the fix?



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (CAMEL-20630) CVE-2024-25710, CVE-2024-26308 - Vulnerabilities with Camel-zip-deflater-starter maven dependency

Reply via email to